Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Eccouncil Exam 312-49 Topic 1 Question 7 Discussion

Actual exam question for Eccouncil's 312-49 exam
Question #: 7
Topic #: 1
[All 312-49 Questions]

An EC2 instance storing critical data of a company got infected with malware. The forensics team took the EBS volume snapshot of the affected Instance to perform further analysis and collected other data of evidentiary value. What should be their next step?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Levi at May 05, 2022, 08:02 AM

Limited Time Offer

25%

Off

Get Premium 312-49 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Sanjuana
2 months ago
I'd say D is the winner here. Terminating the instance is the smart move, but make sure you've got that backup ready to go. Don't want to end up like those poor dinosaurs, you know?
upvoted 0 times
Leontine
23 hours ago
C) They should terminate all instances connected via the same VPC
upvoted 0 times
...
Iesha
4 days ago
B) They should keep the instance running as it stores critical data
upvoted 0 times
...
Estrella
20 days ago
A) They should pause the running instance
upvoted 0 times
...
...
Asha
2 months ago
Option D seems like the most logical step. Keeping the instance running (option B) is just asking for trouble, and terminating all instances (option C) is overkill.
upvoted 0 times
...
Sylvia
2 months ago
I'd go with option D as well. Better safe than sorry when it comes to critical data security. Gotta love a good ol' fashioned 'terminate and backup' plan!
upvoted 0 times
Dean
11 days ago
C) They should terminate all instances connected via the same VPC
upvoted 0 times
...
Daisy
13 days ago
D) They should terminate the instance after taking necessary backup
upvoted 0 times
...
Lang
1 months ago
A) They should pause the running instance
upvoted 0 times
...
...
Beckie
2 months ago
Pausing the instance (option A) might not be enough, as the malware could still be active. Terminating it after backup is the most prudent choice.
upvoted 0 times
Melodie
15 days ago
D) They should terminate the instance after taking necessary backup
upvoted 0 times
...
Daniela
18 days ago
B) They should terminate the instance after taking necessary backup
upvoted 0 times
...
Artie
1 months ago
A) They should terminate the instance after taking necessary backup
upvoted 0 times
...
...
Marjory
2 months ago
Hmm, I think option D is the way to go. Terminating the instance after taking a backup is the safest approach to preserve the critical data and prevent further spread of the malware.
upvoted 0 times
Amira
23 days ago
Hmm, I think option D is the way to go. Terminating the instance after taking a backup is the safest approach to preserve the critical data and prevent further spread of the malware.
upvoted 0 times
...
Elliot
29 days ago
D) They should terminate the instance after taking necessary backup
upvoted 0 times
...
Lenna
1 months ago
C) They should terminate all instances connected via the same VPC
upvoted 0 times
...
Johnson
1 months ago
B) They should keep the instance running as it stores critical data
upvoted 0 times
...
Quentin
1 months ago
A) They should pause the running instance
upvoted 0 times
...
...
Dominga
3 months ago
That's a good point. Maybe they should take necessary backup and then terminate the instance.
upvoted 0 times
...
Colette
3 months ago
But what if keeping the instance running is crucial for the company's operations?
upvoted 0 times
...
Dominga
3 months ago
I think they should pause the running instance.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77