Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 312-38 Exam - Topic 5 Question 73 Discussion

Actual exam question for Eccouncil's 312-38 exam
Question #: 73
Topic #: 5
[All 312-38 Questions]

Kyle, a front office executive, suspects that a Trojan has infected his computer. What should be his first course of action to deal with the incident?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Dean at Aug 06, 2023, 03:15 AM

Limited Time Offer

25%

Off

Get Premium 312-38 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Yan
6 months ago
Not sure if waiting for IRT is the best move, time is of the essence!
upvoted 0 times
...
Teresita
6 months ago
Containing the damage is a must, but IRT should be alerted ASAP.
upvoted 0 times
...
Lino
7 months ago
Surprised that informing everyone is an option, seems risky!
upvoted 0 times
...
Carlene
7 months ago
I think disconnecting the infected devices is crucial too.
upvoted 0 times
...
Azalee
7 months ago
Definitely should inform the IRT first!
upvoted 0 times
...
Nidia
7 months ago
I don't think informing everyone is the right move initially. It might cause unnecessary panic, right?
upvoted 0 times
...
Jenifer
7 months ago
I feel like informing the Incident Response Team is crucial, but I wonder if he should do something else before that.
upvoted 0 times
...
Carry
8 months ago
I remember a practice question where we had to disconnect infected devices first. Is that what Kyle should do here too?
upvoted 0 times
...
Mollie
8 months ago
I think the first step should be to contain the damage, but I'm not entirely sure if that's the best approach in this scenario.
upvoted 0 times
...
Ranee
8 months ago
This question seems straightforward, I think the answer is A since Edgeline servers are specialized for edge deployments.
upvoted 0 times
...
Merri
8 months ago
Okay, I think I've got this. The key is that we want the execution to be performed only in the development data environment, so option A seems like the best choice here.
upvoted 0 times
...
Janine
1 year ago
B) Disconnect the five infected devices from the network. Gotta save the network, even if it means sacrificing a few devices. It's like a cybersecurity version of 'the needs of the many outweigh the needs of the few'.
upvoted 0 times
Rolland
12 months ago
C) Inform the IRT about the incident and wait for their response
upvoted 0 times
...
Julian
12 months ago
B) Disconnect the five infected devices from the network
upvoted 0 times
...
Cecil
12 months ago
A) Contain the damage
upvoted 0 times
...
...
Reyes
1 year ago
D) Inform everybody in the organization about the attack. Transparency is key, and everyone deserves to know about the impending doom. Let the panic commence!
upvoted 0 times
Kris
11 months ago
C) Inform the IRT about the incident and wait for their response
upvoted 0 times
...
Nan
12 months ago
B) Disconnect the five infected devices from the network
upvoted 0 times
...
Rhea
12 months ago
A) Contain the damage
upvoted 0 times
...
...
Sharan
1 year ago
A) Contain the damage. The old 'quarantine and observe' approach. It's the responsible thing to do, like a cybersecurity superhero!
upvoted 0 times
Elmer
12 months ago
C) Inform the IRT about the incident and wait for their response
upvoted 0 times
...
Davida
12 months ago
B) Disconnect the five infected devices from the network
upvoted 0 times
...
Hubert
1 year ago
A) Contain the damage
upvoted 0 times
...
...
Garry
1 year ago
B) Disconnect the five infected devices from the network. Can't have those Trojans spreading like wildfire, right? Gotta act fast!
upvoted 0 times
Billye
12 months ago
C) Inform the IRT about the incident and wait for their response
upvoted 0 times
...
Joanna
1 year ago
B) Disconnect the five infected devices from the network
upvoted 0 times
...
Hyun
1 year ago
A) Contain the damage
upvoted 0 times
...
...
Fausto
1 year ago
C) Inform the IRT about the incident and wait for their response. Duh, that's the obvious choice! IRT knows what to do in these situations.
upvoted 0 times
Jettie
11 months ago
C) Inform the IRT about the incident and wait for their response. Duh, that's the obvious choice! IRT knows what to do in these situations.
upvoted 0 times
...
Willis
12 months ago
C) Inform the IRT about the incident and wait for their response
upvoted 0 times
...
Floyd
12 months ago
B) Disconnect the five infected devices from the network
upvoted 0 times
...
Noe
12 months ago
A) Contain the damage
upvoted 0 times
...
Lai
1 year ago
Definitely, but the IRT can provide guidance on that.
upvoted 0 times
...
My
1 year ago
Contain the damage should also be a priority, right?
upvoted 0 times
...
Miss
1 year ago
Yeah, they're trained to handle these situations efficiently.
upvoted 0 times
...
Nakita
1 year ago
Informing the IRT is definitely the right move.
upvoted 0 times
...
...
German
1 year ago
C) Inform the IRT about the incident and wait for their response
upvoted 0 times
...
Elli
1 year ago
B) Disconnect the five infected devices from the network
upvoted 0 times
...
Nichelle
1 year ago
A) Contain the damage
upvoted 0 times
...

Save Cancel