ExamTopics Logo
Mail Usteam@examtopics.com
Menu
Eccouncil Discussions
exam questions

Exam 312-50v12 All Questions

View all questions & answers for the 312-50v12 exam
Go to Exam

Exam 312-50v12 topic 1 question 311 discussion

Actual exam question from ECCouncil's 312-50v12
Question #: 311
Topic #: 1
[All 312-50v12 Questions]

A friend of yours tells you that he downloaded and executed a file that was sent to him by a coworker. Since the file did nothing when executed, he asks you for help because he suspects that he may have installed a trojan on his computer.

What tests would you perform to determine whether his computer is infected?

  • A. Upload the file to VirusTotal.
  • B. You do not check; rather, you immediately restore a previous snapshot of the operating system.
  • C. Use netstat and check for outgoing connections to strange IP addresses or domains.
  • D. Use ExifTool and check for malicious content.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Community vote distribution
C (100%)
by agelbahri at March 13, 2025, 10:55 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mr.sgtan
3 weeks ago
Selected Answer: C
CEH v12 Module 04 p1187 One of Trojan countermeasures is to block all unnecessary ports at the host and use a firewall. Therefore, you should use Netstat to investigate for malicious activity first via checking outgoing connections in order to determine whether the computer is infected.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
AZ-500
Bangkok, 1 minute ago