A company’s monitoring system uses known traffic patterns for each department. During a company holiday, a surge in remote connections is identified in human resources. Which approach helps verify if this unusual surge matches historical patterns for that department?
Collect a minimal subset of logs to reduce analysis steps
Review historical usage trends for the department to recognize potential outliers
Disable alerts for that department because they are off duty
Deactivate all incoming connections from outside the network
Reviewing previous connection data is a reliable way to recognize outlier traffic. Blocking inbound connections applies to external threats rather than internal spikes. Gathering partial logs removes useful data that helps analyze sudden changes. Turning off alerts in a department conceals indicators that might reveal malicious behavior.