What did Joseph do to troubleshoot the website vandalism?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

What did Joseph do to troubleshoot the website vandalism?

Explanation:
The main idea here is to isolate the incident to see where the problem originates. By disconnecting from the corporate network and accessing the website through a dial-up connection, Joseph removes any influence from his internal machines or internal network. This external path acts like an independent tester: if the defacement appears even when using a separate, non‑corporate route, the issue is likely with the hosting environment, DNS, or an external attacker. If the vandalism doesn’t appear on that dial-up path, it suggests the problem could be coming from inside the corporate network or from a device within that environment. This approach helps preserve evidence and guides next steps without contaminating the investigation through the internal network. Restarting the web server could erase helpful data and doesn’t diagnose where the compromise originated, and scanning his own computer for malware targets his workstation rather than the website itself. Contacting the hosting provider is important for remediation, but it doesn’t individually establish whether the issue is internal or external; the external test is the quickest way to triage and scope the incident.

The main idea here is to isolate the incident to see where the problem originates. By disconnecting from the corporate network and accessing the website through a dial-up connection, Joseph removes any influence from his internal machines or internal network. This external path acts like an independent tester: if the defacement appears even when using a separate, non‑corporate route, the issue is likely with the hosting environment, DNS, or an external attacker. If the vandalism doesn’t appear on that dial-up path, it suggests the problem could be coming from inside the corporate network or from a device within that environment.

This approach helps preserve evidence and guides next steps without contaminating the investigation through the internal network. Restarting the web server could erase helpful data and doesn’t diagnose where the compromise originated, and scanning his own computer for malware targets his workstation rather than the website itself. Contacting the hosting provider is important for remediation, but it doesn’t individually establish whether the issue is internal or external; the external test is the quickest way to triage and scope the incident.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy