Black Friday Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Discussions
  3. ECCouncil
  4. CEH v12
  5. 312-50v12 Discussions
  6. 312-50v12 Exam Topic 6 Question 46 Discussion
 ECCouncil Discussions
Exam 312-50v12 All Questions
Exam 312-50v12 All Questions

View all questions & answers for the 312-50v12 exam

Go to Exam

ECCouncil CEH v12 312-50v12 Question # 46 Topic 6 Discussion

312-50v12 Exam Topic 6 Question 46 Discussion:
Question #: 46
Topic #: 6

An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events do not match up.

What is the most likely cause?
A.

The network devices are not all synchronized.

B.

Proper chain of custody was not observed while collecting the logs.

C.

The attacker altered or erased events from the logs.

D.

The security breach was a false positive.

Get Premium 312-50v12 Questions
Actual exam question for ECCouncil 312-50v12 exam by Echo8643 at Nov 29, 2025, 12:00:30 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit