How would you accomplish this?

You have selected the event “port scan from internal network in Eventia Analyzer”, to detect an
event when 30 ports have occurred when 60 seconds. You want to detect two ports scans from a
host within 10 seconds of each other. How would you accomplish this?

You have selected the event “port scan from internal network in Eventia Analyzer”, to detect an
event when 30 ports have occurred when 60 seconds. You want to detect two ports scans from a
host within 10 seconds of each other. How would you accomplish this?

A.
You cannot set Eventia Analyzer to detect two port scans within 10 seconds of each other.

B.
Select the two port-scan detections as a new event.

C.
Select the two port-scan detections as a sub event.

D.
Select the two port-scan detections as an exception.

Explanation:

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *