An IT security team is conducting an internal review of security protocols in their organization to identify potential vulnerabilities. During their investigation, they encounter a suspicious program running on several computers. Further examination reveals that the program has been logging all user keystrokes. How can the security team confirm the type of program and what countermeasures should be taken to ensure the same attack does not occur in the future?

Questions › Category: 312-50v12 › An IT security team is conducting an internal review of security protocols in their organization to identify potential vulnerabilities. During their investigation, they encounter a suspicious program running on several computers. Further examination reveals that the program has been logging all user keystrokes. How can the security team confirm the type of program and what countermeasures should be taken to ensure the same attack does not occur in the future?

0 Vote Up Vote Down

Admin Staff asked 1 year ago

An IT security team is conducting an internal review of security protocols in their organization to identify potential vulnerabilities. During their investigation, they encounter a suspicious program running on several computers. Further examination reveals that the program has been logging all user keystrokes. How can the security team confirm the type of program and what countermeasures should be taken to ensure the same attack does not occur in the future?

A. The program is spyware; the team should use password managers and encrypt sensitive data.

B. The program is a keylogger; the team should employ intrusion detection systems and regularly update the system software.

C. The program is a keylogger; the team should educate employees about phishing attacks and maintain regular backups.

D. The program is a Trojan; the team should regularly update antivirus software and install a reliable firewall.










Correct Answer: B

This question is in 312-50v12 exam
For getting CEH Certificate