New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 312-49 Exam - Topic 1 Question 7 Discussion

Actual exam question for Eccouncil's 312-49 exam
Question #: 7
Topic #: 1
[All 312-49 Questions]

An EC2 instance storing critical data of a company got infected with malware. The forensics team took the EBS volume snapshot of the affected Instance to perform further analysis and collected other data of evidentiary value. What should be their next step?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Levi at May 05, 2022, 08:02 AM

Limited Time Offer

25%

Off

Get Premium 312-49 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Benedict
4 months ago
I think they should back it up first before any termination.
upvoted 0 times
...
Crista
4 months ago
Wait, why not just isolate it instead of terminating?
upvoted 0 times
...
Truman
4 months ago
Terminating the instance seems too extreme, though.
upvoted 0 times
...
Tiera
4 months ago
Keeping it running is risky, I agree with A.
upvoted 0 times
...
Celestine
5 months ago
They should definitely pause the running instance.
upvoted 0 times
...
Destiny
5 months ago
I practiced a similar question, and I think backing up before termination is crucial. So, D sounds right to me!
upvoted 0 times
...
Samira
5 months ago
I feel like terminating all instances in the VPC might be overkill. They should focus on the infected one, right?
upvoted 0 times
...
Bernardo
5 months ago
I'm not entirely sure, but I remember something about preserving evidence. Maybe they should pause the instance first?
upvoted 0 times
...
Annice
5 months ago
I think they should definitely terminate the instance after taking a backup. It seems risky to keep it running with malware on it.
upvoted 0 times
...
Pamella
5 months ago
Hmm, I'm a bit unsure about this one. I know an Access Point needs some basic wireless settings, but I'm not sure which are the absolute minimum. I'll have to review my notes.
upvoted 0 times
...
Truman
5 months ago
Hmm, I'm not sure about this one. The Scrum Master is also involved in tracking the team's progress, so they could potentially prepare this report as well. I'll have to think about the specific responsibilities of each role.
upvoted 0 times
...
Noel
5 months ago
Hmm, the options cover a range of details about patch management, like rollback, batch operations, and automatic fixes. I'll need to think through each one to determine which one is false.
upvoted 0 times
...
Sanjuana
9 months ago
I'd say D is the winner here. Terminating the instance is the smart move, but make sure you've got that backup ready to go. Don't want to end up like those poor dinosaurs, you know?
upvoted 0 times
Corinne
8 months ago
D) They should terminate the instance after taking necessary backup
upvoted 0 times
...
Leontine
8 months ago
C) They should terminate all instances connected via the same VPC
upvoted 0 times
...
Iesha
8 months ago
B) They should keep the instance running as it stores critical data
upvoted 0 times
...
Estrella
8 months ago
A) They should pause the running instance
upvoted 0 times
...
...
Asha
9 months ago
Option D seems like the most logical step. Keeping the instance running (option B) is just asking for trouble, and terminating all instances (option C) is overkill.
upvoted 0 times
...
Sylvia
10 months ago
I'd go with option D as well. Better safe than sorry when it comes to critical data security. Gotta love a good ol' fashioned 'terminate and backup' plan!
upvoted 0 times
Dean
8 months ago
C) They should terminate all instances connected via the same VPC
upvoted 0 times
...
Daisy
8 months ago
D) They should terminate the instance after taking necessary backup
upvoted 0 times
...
Lang
9 months ago
A) They should pause the running instance
upvoted 0 times
...
...
Beckie
10 months ago
Pausing the instance (option A) might not be enough, as the malware could still be active. Terminating it after backup is the most prudent choice.
upvoted 0 times
Melodie
8 months ago
D) They should terminate the instance after taking necessary backup
upvoted 0 times
...
Daniela
8 months ago
B) They should terminate the instance after taking necessary backup
upvoted 0 times
...
Artie
9 months ago
A) They should terminate the instance after taking necessary backup
upvoted 0 times
...
...
Marjory
10 months ago
Hmm, I think option D is the way to go. Terminating the instance after taking a backup is the safest approach to preserve the critical data and prevent further spread of the malware.
upvoted 0 times
Amira
9 months ago
Hmm, I think option D is the way to go. Terminating the instance after taking a backup is the safest approach to preserve the critical data and prevent further spread of the malware.
upvoted 0 times
...
Elliot
9 months ago
D) They should terminate the instance after taking necessary backup
upvoted 0 times
...
Lenna
9 months ago
C) They should terminate all instances connected via the same VPC
upvoted 0 times
...
Johnson
9 months ago
B) They should keep the instance running as it stores critical data
upvoted 0 times
...
Quentin
9 months ago
A) They should pause the running instance
upvoted 0 times
...
...
Dominga
10 months ago
That's a good point. Maybe they should take necessary backup and then terminate the instance.
upvoted 0 times
...
Colette
10 months ago
But what if keeping the instance running is crucial for the company's operations?
upvoted 0 times
...
Dominga
11 months ago
I think they should pause the running instance.
upvoted 0 times
...

Save Cancel