Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. ECCouncil
  4. CEH v13
  5. 312-50v13 Discussions
  6. 312-50v13 Exam Topic 4 Question 36 Discussion

ECCouncil Certified Ethical Hacker Exam (CEHv13) 312-50v13 Question # 36 Topic 4 Discussion

 ECCouncil Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

ECCouncil Certified Ethical Hacker Exam (CEHv13) 312-50v13 Question # 36 Topic 4 Discussion

312-50v13 Exam Topic 4 Question 36 Discussion:
Question #: 36
Topic #: 4

An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events do not match up.

What is the most likely cause?
A.

The network devices are not all synchronized.

B.

Proper chain of custody was not observed while collecting the logs.

C.

The attacker altered or erased events from the logs.

D.

The security breach was a false positive.

Get Premium 312-50v13 Questions
Actual exam question for ECCouncil 312-50v13 exam by Sage67232 at Dec 10, 2025, 12:00:10 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next