Exam 312-50v13 topic 1 question 134 discussion

Actual exam question from ECCouncil's 312-50v13
Question #: 134
Topic #: 1

Given the complexities of an organization’s network infrastructure, a threat actor has exploited an unidentified vulnerability, leading to a major data breach. As a Certified Ethical Hacker (CEH), you are tasked with enhancing the organization's security stance. To ensure a comprehensive security defense, you recommend a certain security strategy. Which of the following best represents the strategy you would likely suggest and why?

  • A. Develop an in-depth Risk Management process, involving identification, assessment, treatment, tracking, and review of risks to control the potential effects on the organization.
  • B. Establish a Defense-in-Depth strategy, incorporating multiple layers of security measures to increase the complexity and decrease the likelihood of a successful attack.
  • C. Implement an Information Assurance (IA) policy focusing on ensuring the integrity, availability, confidentiality, and authenticity of information systems.
  • D. Adopt a Continual/Adaptive Security Strategy involving ongoing prediction, prevention, detection, and response actions to ensure comprehensive computer network defense.
Suggested Answer: B

Comments

mulekule
3 weeks, 3 days ago
Selected Answer: D
D is the correct answer.
upvoted 1 times
...
KiranYS
1 month, 2 weeks ago
Selected Answer: B
A Defense-in-Depth strategy involves implementing multiple layers of security controls across different areas (network, host, application, and data) to reduce the risk of a successful attack.
upvoted 1 times
...
killwitch
1 month, 2 weeks ago
Selected Answer: B
Given that a threat actor successfully exploited an unknown vulnerability, the best approach to mitigate future attacks is to implement a Defense-in-Depth (DiD) strategy. This security model incorporates multiple layers of security controls to make it significantly harder for an attacker to breach an organization's infrastructure. DiD reduces single points of failure and ensures that if one layer is compromised, additional layers of security can still protect the system.
upvoted 1 times
...
NikoTomas
1 month, 3 weeks ago
Selected Answer: D
Correct is D - At first sight, for me, A looks great - i.e. start from the ground, identify assets, evaluate risks... and as late as risks are known, implement appropriate defensive measures based on it (this is how it should be done in the real world). However, option A ends by risk assessment with no defense - and they are asking for "enhancing the organization's security stance" and "ensure a comprehensive security defense". - B - Defense in Depth - ok, it is defense and it is some kind of strategy but it is already incorporated in option D) and much more... that's why D) is the better answer. Continuation below...
upvoted 1 times
NikoTomas
1 month, 3 weeks ago
...continuation: Correct D --> The Continual/Adaptive Security Strategy, as outlined by the EC-Council, is built upon four foundational pillars:
1. Protect: Implementing measures to safeguard networks, endpoints, and data against potential threats. This includes deploying defense-in-depth strategies to ensure robust security.
2. Detect: Continuous monitoring to identify anomalies and potential security incidents promptly, enabling swift action to mitigate risks.
3. Respond: Developing and executing effective incident response plans to address and mitigate the impact of security breaches.
4. Predict: Utilizing threat intelligence, threat hunting, and attack surface analysis to anticipate and prepare for future cyber threats.
This strategy ensures a proactive and comprehensive approach to cybersecurity, aligning with the dynamic nature of modern threat landscapes.
upvoted 1 times
...
...
Dogeo
2 months, 3 weeks ago
Selected Answer: B
A Defense-in-Depth strategy is designed to provide multiple layers of protection across the network and systems. By using a combination of security measures (e.g., firewalls, intrusion detection systems, access controls, encryption, etc.)
upvoted 2 times
...