Eccouncil Exam 212-89 Topic 1 Question 80 Discussion

Actual exam question for Eccouncil's 212-89 exam

Question #: 80
Topic #: 1

[All 212-89 Questions]

Bonney's system has been compromised by a gruesome malware.

What is the primary step that is advisable to Bonney in order to contain the malware

incident from spreading?

ATurn off the infected machine

BLeave it to the network administrators to handle

CComplaint to police in a formal way regarding the incident

DCall the legal department in the organization and inform about the incident

Show Suggested Answer

Suggested Answer: A

Turning off the infected machine is a common immediate response to contain a malware incident and prevent it from spreading to other systems on the network. This action halts any ongoing malicious activities by the malware, thereby limiting the potential for further damage or data exfiltration. However, it is essential to note that this step can lead to the loss of volatile data that might be useful for forensic analysis. Therefore, it is advisable only when it's critical to stop the malware immediately, and there's a strategy in place for forensic investigation that includes handling non-volatile data or when the preservation of volatile data is not possible.

by Sue at Apr 30, 2025, 10:18 PM

Limited Time Offer

25%

Off

Get Premium 212-89 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!