Weekend Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

Discussions
  1. Home
  2. Discussions
  3. ECCouncil
  4. CTIA
  5. 312-85 Discussions
  6. 312-85 Exam Topic 1 Question 4 Discussion
 ECCouncil Discussions
Exam 312-85 All Questions
Exam 312-85 All Questions

View all questions & answers for the 312-85 exam

Go to Exam

ECCouncil CTIA 312-85 Question # 4 Topic 1 Discussion

312-85 Exam Topic 1 Question 4 Discussion:
Question #: 4
Topic #: 1

Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive data. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information and so on.

What should Jim do to detect the data staging before the hackers exfiltrate from the network?
A.

Jim should identify the attack at an initial stage by checking the content of the user agent field.

B.

Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.

C.

Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.

D.

Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.

Get Premium 312-85 Questions
Actual exam question for ECCouncil 312-85 exam by Cyra5600 at Mar 3, 2025, 11:32:46 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit