Certified Incident Handler (CIH) Practice Ecam

What tool did Ross use to secure an organization from insider threats?

• A. DataRobot
• B. Ekran System
• C. Vectra Cognito
• D. Nuix Adaptive Security

The correct answer is: DataRobot

The correct answer to the question about what tool Ross used to secure an organization from insider threats is the Ekran System. The Ekran System is specifically designed for insider threat detection and prevention by monitoring users' activities within an organization. It provides real-time visibility into user actions, allowing for the identification of suspicious behavior that could indicate potential insider threats. Features such as session recording, alerting, and detailed user reports empower security teams to respond effectively to various potential risks, including data exfiltration or misuse of sensitive information. DataRobot, while an advanced platform for automated machine learning, primarily focuses on data science and predictive analytics rather than specifically addressing insider threats. Vectra Cognito is centered on network threat detection using AI, which assists in identifying threats but may not provide the same level of granularity for insider threats as the Ekran System. Similarly, Nuix Adaptive Security is more focused on digital forensics and incident response, which, while valuable in a security context, does not offer the same direct surveillance and prevention capabilities against insider threats as Ekran System does. Thus, the most effective tool for Ross in addressing insider threats is the Ekran System due to its specialized features tailored for monitoring and mitigating such risks