EC-CouncilEC-Council
212-82 · Question #112
212-82 Question #112: Real Exam Question with Answer & Explanation
Sign in or unlock 212-82 to reveal the answer and full explanation for question #112. The question stem and answer options stay visible for context.
Submitted by tunde_lagos· Mar 6, 2026Cloud Security Operations & Incident Response
Question
You are working as a Security Consultant for a top firm named Beta Inc. Being a Security Consultant, you are called in to assess your company's situation after a ransomware attack that encrypts critical data on Beta Inc. servers. What is the MOST critical action you have to take immediately after identifying the attack?
Options
- AIdentify and isolate infected devices to prevent further spread.
- BRestore critical systems from backups according to the BCP.
- CAnalyze the attack vector to identify the source of the infection.
- DPay the ransom demand to regain access to encrypted data.
Unlock 212-82 to see the answer
You've previewed enough free 212-82 questions. Unlock 212-82 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#incident response#ransomware#containment#disaster recovery