EC-Council
312-50V9 · Question #54
312-50V9 Question #54: Real Exam Question with Answer & Explanation
Sign in or unlock 312-50V9 to reveal the answer and full explanation for question #54. The question stem and answer options stay visible for context.
Question
A company has hired a security administrator to maintain and administer Linux and Windows- based systems. Written in the nightly report file is the following: - Firewall log files are at the expected value of 4 MB. - The current time is 12am. Exactly two hours later the size has decreased considerably. - Another hour goes by and the log files have shrunk in size again. Which of the following actions should the security administrator take?
Options
- ALog the event as suspicious activity and report this behavior to the incident response team
- BLog the event as suspicious activity, call a manager, and report this as soon as possible.
- CRun an anti-virus scan because it is likely the system is infected by malware.
- DLog the event as suspicious activity, continue to investigate, and act according to the site's
Unlock 312-50V9 to see the answer
You've previewed enough free 312-50V9 questions. Unlock 312-50V9 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.