Eccouncil Exam 212-89 Topic 5 Question 78 Discussion

Actual exam question for Eccouncil's 212-89 exam

Question #: 78
Topic #: 5

[All 212-89 Questions]

Bonney's system has been compromised by a gruesome malware.

What is the primary step that is advisable to Bonney in order to contain the malware

incident from spreading?

ATurn off the infected machine

BLeave it to the network administrators to handle

CComplaint to police in a formal way regarding the incident

DCall the legal department in the organization and inform about the incident

Show Suggested Answer

Suggested Answer: A

Turning off the infected machine is a common immediate response to contain a malware incident and prevent it from spreading to other systems on the network. This action halts any ongoing malicious activities by the malware, thereby limiting the potential for further damage or data exfiltration. However, it is essential to note that this step can lead to the loss of volatile data that might be useful for forensic analysis. Therefore, it is advisable only when it's critical to stop the malware immediately, and there's a strategy in place for forensic investigation that includes handling non-volatile data or when the preservation of volatile data is not possible.

by Alfreda at Mar 24, 2025, 01:02 AM

Limited Time Offer

25%

15 days ago

Definitely option A. You don't want that nasty malware spreading like wildfire through the network. Shut it down before it's too late!

upvoted 0 times

Vallie

14 hours ago

User 1: I agree, turning off the infected machine is the best option.

upvoted 0 times

...

Audria

22 days ago

A) Turn off the infected machine

upvoted 0 times

...