Eccouncil Exam 312-49 Topic 1 Question 70 Discussion

Actual exam question for Eccouncil's 312-49 exam

Question #: 70
Topic #: 1

Donald made an OS disk snapshot of a compromised Azure VM under a resource group being used by the affected company as a part of forensic analysis process. He then created a vhd file out of the snapshot and stored it in a file share and as a page blob as backup in a storage account under different region. What Is the next thing he should do as a security measure?

ARecommend changing the access policies followed by the company

BDelete the snapshot from the source resource group

CDelete the OS disk of the affected VM altogether

DCreate another VM by using the snapshot

Show Suggested Answer

Suggested Answer: B

by Sheridan at Sep 19, 2024, 04:58 AM

Limited Time Offer

25%

Off

Get Premium 312-49 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Alpha

18 days ago

I believe creating another VM using the snapshot would be a good security measure as well.

upvoted 0 times

...

27 days ago

Option B is the way to go. Deleting the snapshot from the source resource group is the prudent move to prevent any further compromise.

upvoted 0 times

Gilbert

11 days ago

B) Delete the snapshot from the source resource group

upvoted 0 times

...

Daren

21 days ago

A) Recommend changing the access policies followed by the company

upvoted 0 times

...

Evette

28 days ago

I think Donald should recommend changing the access policies.

upvoted 0 times

...