ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-85 All Questions

View all questions & answers for the 312-85 exam
Go to Exam

Exam 312-85 topic 1 question 11 discussion

Actual exam question from ECCouncil's 312-85
Question #: 11
Topic #: 1
[All 312-85 Questions]

Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive data. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information and so on.
What should Jim do to detect the data staging before the hackers exfiltrate from the network?

  • A. Jim should identify the attack at an initial stage by checking the content of the user agent field.
  • B. Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.
  • C. Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.
  • D. Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by emoram at March 1, 2023, 10:37 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
BionicBeaver
11 months ago
Selected Answer: C
Answer is C As per Module 02 Page 116 of CTIA Courseware
upvoted 1 times
...
emoram
1 year, 4 months ago
Asper the ECC material the right answer is C, however this question could be appealable as in real life data can be stolen/exfiltrated through CnC servers and DNS tunneling which could be detected/mitigated by some sort of DNS solution checking on DNS queries integrity and suspicious domains. As stated by answer B.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel