Eccouncil Exam 312-49 Topic 1 Question 7 Discussion

Actual exam question for Eccouncil's 312-49 exam

Question #: 7
Topic #: 1

An EC2 instance storing critical data of a company got infected with malware. The forensics team took the EBS volume snapshot of the affected Instance to perform further analysis and collected other data of evidentiary value. What should be their next step?

AThey should pause the running instance

BThey should keep the instance running as it stores critical data

CThey should terminate all instances connected via the same VPC

DThey should terminate the instance after taking necessary backup

Show Suggested Answer

Suggested Answer: B

by Levi at May 05, 2022, 08:02 AM

Limited Time Offer

25%

Off

Get Premium 312-49 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Dominga

3 days ago

That's a good point. Maybe they should take necessary backup and then terminate the instance.

upvoted 0 times

...

Colette

4 days ago

But what if keeping the instance running is crucial for the company's operations?

upvoted 0 times

...

Dominga

10 days ago

I think they should pause the running instance.

upvoted 0 times

...