Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 312-38 Exam - Topic 5 Question 73 Discussion

Actual exam question for Eccouncil's 312-38 exam
Question #: 73
Topic #: 5
[All 312-38 Questions]

Kyle, a front office executive, suspects that a Trojan has infected his computer. What should be his first course of action to deal with the incident?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Dean at Aug 06, 2023, 03:15 AM

Limited Time Offer

25%

Off

Get Premium 312-38 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Yan
5 months ago
Not sure if waiting for IRT is the best move, time is of the essence!
upvoted 0 times
...
Teresita
5 months ago
Containing the damage is a must, but IRT should be alerted ASAP.
upvoted 0 times
...
Lino
5 months ago
Surprised that informing everyone is an option, seems risky!
upvoted 0 times
...
Carlene
5 months ago
I think disconnecting the infected devices is crucial too.
upvoted 0 times
...
Azalee
6 months ago
Definitely should inform the IRT first!
upvoted 0 times
...
Nidia
6 months ago
I don't think informing everyone is the right move initially. It might cause unnecessary panic, right?
upvoted 0 times
...
Jenifer
6 months ago
I feel like informing the Incident Response Team is crucial, but I wonder if he should do something else before that.
upvoted 0 times
...
Carry
6 months ago
I remember a practice question where we had to disconnect infected devices first. Is that what Kyle should do here too?
upvoted 0 times
...
Mollie
6 months ago
I think the first step should be to contain the damage, but I'm not entirely sure if that's the best approach in this scenario.
upvoted 0 times
...
Ranee
6 months ago
This question seems straightforward, I think the answer is A since Edgeline servers are specialized for edge deployments.
upvoted 0 times
...
Merri
6 months ago
Okay, I think I've got this. The key is that we want the execution to be performed only in the development data environment, so option A seems like the best choice here.
upvoted 0 times
...
Janine
11 months ago
B) Disconnect the five infected devices from the network. Gotta save the network, even if it means sacrificing a few devices. It's like a cybersecurity version of 'the needs of the many outweigh the needs of the few'.
upvoted 0 times
Rolland
10 months ago
C) Inform the IRT about the incident and wait for their response
upvoted 0 times
...
Julian
10 months ago
B) Disconnect the five infected devices from the network
upvoted 0 times
...
Cecil
10 months ago
A) Contain the damage
upvoted 0 times
...
...
Reyes
11 months ago
D) Inform everybody in the organization about the attack. Transparency is key, and everyone deserves to know about the impending doom. Let the panic commence!
upvoted 0 times
Kris
10 months ago
C) Inform the IRT about the incident and wait for their response
upvoted 0 times
...
Nan
10 months ago
B) Disconnect the five infected devices from the network
upvoted 0 times
...
Rhea
10 months ago
A) Contain the damage
upvoted 0 times
...
...
Sharan
11 months ago
A) Contain the damage. The old 'quarantine and observe' approach. It's the responsible thing to do, like a cybersecurity superhero!
upvoted 0 times
Elmer
10 months ago
C) Inform the IRT about the incident and wait for their response
upvoted 0 times
...
Davida
10 months ago
B) Disconnect the five infected devices from the network
upvoted 0 times
...
Hubert
11 months ago
A) Contain the damage
upvoted 0 times
...
...
Garry
12 months ago
B) Disconnect the five infected devices from the network. Can't have those Trojans spreading like wildfire, right? Gotta act fast!
upvoted 0 times
Billye
10 months ago
C) Inform the IRT about the incident and wait for their response
upvoted 0 times
...
Joanna
11 months ago
B) Disconnect the five infected devices from the network
upvoted 0 times
...
Hyun
11 months ago
A) Contain the damage
upvoted 0 times
...
...
Fausto
12 months ago
C) Inform the IRT about the incident and wait for their response. Duh, that's the obvious choice! IRT knows what to do in these situations.
upvoted 0 times
Jettie
10 months ago
C) Inform the IRT about the incident and wait for their response. Duh, that's the obvious choice! IRT knows what to do in these situations.
upvoted 0 times
...
Willis
10 months ago
C) Inform the IRT about the incident and wait for their response
upvoted 0 times
...
Floyd
10 months ago
B) Disconnect the five infected devices from the network
upvoted 0 times
...
Noe
10 months ago
A) Contain the damage
upvoted 0 times
...
Lai
10 months ago
Definitely, but the IRT can provide guidance on that.
upvoted 0 times
...
My
11 months ago
Contain the damage should also be a priority, right?
upvoted 0 times
...
Miss
11 months ago
Yeah, they're trained to handle these situations efficiently.
upvoted 0 times
...
Nakita
11 months ago
Informing the IRT is definitely the right move.
upvoted 0 times
...
...
German
12 months ago
C) Inform the IRT about the incident and wait for their response
upvoted 0 times
...
Elli
1 year ago
B) Disconnect the five infected devices from the network
upvoted 0 times
...
Nichelle
1 year ago
A) Contain the damage
upvoted 0 times
...

Save Cancel