If a log parsing script fails to detect certain attack patterns, what is the most probable cause during the detection and analysis phase?

medium · Analysis · Q6 of 15
Cybersecurity - Incident Response
A. The network hardware is malfunctioning
B. The script lacks updated pattern definitions
C. User permissions are incorrectly set
D. The firewall is blocking log access
Step-by-Step Solution
Solution:
  1. Step 1: Identify script failure reason

    Missing detections often result from outdated or incomplete pattern definitions.
  2. Step 2: Exclude unrelated causes

    Hardware issues or permissions typically do not affect script pattern matching.
  3. Final Answer:

    The script lacks updated pattern definitions -> Option B
  4. Quick Check:

    Detection depends on current pattern data [OK]
Quick Trick: Scripts need updated patterns to detect attacks [OK]
Common Mistakes:
  • Blaming hardware or permissions for detection failures
  • Assuming firewall blocks script execution
  • Ignoring the need for pattern updates
