
Get 2024 Most Reliable EC-COUNCIL 212-89 Training Materials
The Realest Study Materials 212-89 Dumps
NEW QUESTION # 18
XYZ Inc. was affected by a malware attack and James, being the incident handling and response (IH&R) team personnel handling the incident, found out that the root cause of the incident is a backdoor that has bypassed the security perimeter due to an existing vulnerability in the deployed firewall. James had contained the spread of the infection and removed the malware completely. Now the organization asked him to perform an incident impact assessment to identify the impact of the incident over the organization and he was also asked to prepare a detailed report of the incident.
Which of the following stages in the IH&R process is James working on?
- A. Notification
- B. Eradication
- C. Post-incident activities
- D. Evidence gathering and forensics analysis
Answer: C
NEW QUESTION # 19
The incident management team provides support to all users in the organization that are affected by the threat or attack. The organization's internal auditor is part of the incident response team. Identify one of the responsibilities of the internal auditor as part of the incident response team:
- A. Identify and report security loopholes to the management for necessary actions
- B. Configure information security controls
- C. Coordinate incident containment activities with the information security officer
- D. Perform necessary action to block the network traffic from suspected intruder
Answer: A
NEW QUESTION # 20
The most common type(s) of intellectual property is(are):
- A. Industrial design rights & Trade secrets
- B. All the above
- C. Patents
- D. Copyrights and Trademarks
Answer: B
NEW QUESTION # 21
Multiple component incidents consist of a combination of two or more attacks in a system. Which of the following is not a multiple component incident?
- A. An attacker using email with malicious code to infect an internal workstation
- B. An attacker redirecting a user to a malicious website and infecting his system with a Trojan
- C. An insider intentionally deleting files from a workstation
- D. An attacker infecting a machine to launch a DDoS attack
Answer: C
NEW QUESTION # 22
Michael is a part of the computer incident response team of a company. One of his responsibilities is to handle email incidents. The company receives an email from an unknown source, and one of the steps that he needs to take is to check the validity of the email.
Which of the following tools should he use?
- A. G Suite Toolbox
- B. Email Dossier
- C. Zendio
- D. Yesware
Answer: B
NEW QUESTION # 23
If a hacker cannot find any other way to attack an organization, they can influence an employee or a disgruntled staff member.
What type of threat is this?
- A. Phishing attack
- B. Insider attack
- C. Identity theft
- D. Footprinting
Answer: B
NEW QUESTION # 24
Identify a standard national process which establishes a set of activities, general tasks and a management structure to certify and accredit systems that will maintain the information assurance (IA) and security posture of a system or site.
- A. NIAAAP
- B. NIPACP
- C. NIASAP
- D. NIACAP
Answer: D
NEW QUESTION # 25
Unusual logins, accessing sensitive information not used for the job role, and the use of personal external storage drives on company assets are all signs of which of the following?
- A. Insider threat
- B. Over-working
- C. Security breach
- D. Lack of job rotation
Answer: A
NEW QUESTION # 26
The typical correct sequence of activities used by CSIRT when handling a case is:
- A. Log, maintain contacts, inform, release information, follow up and reporting
- B. Log, maintain contacts, release information, inform, follow up and reporting
- C. Log, inform, maintain contacts, release information, follow up and reporting
- D. Log, inform, release information, maintain contacts, follow up and reporting
Answer: C
NEW QUESTION # 27
Business continuity is defined as the ability of an organization to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault-tolerant systems, as well as a solid backup and recovery strategy. Identify the plan which is a mandatory part of a business continuity plan.
- A. Forensics Procedure Plan
- B. New business strategy plan
- C. Sales and Marketing plan
- D. Business Recovery Plan
Answer: D
NEW QUESTION # 28
The following steps describe the key activities in forensic readiness planning:
1. Train the staff to handle the incident and preserve the evidence
2. Create a special process for documenting the procedure
3. Identify the potential evidence required for an incident
4. Determine the source of the evidence
5. Establish a legal advisory board to guide the investigation process
6. Identify if the incident requires full or formal investigation
7. Establish a policy for securely handling and storing the collected evidence
8. Define a policy that determines the pathway to legally extract electronic evidence with minimal disruption
Identify the correct sequence of steps involved in forensic readiness planning.
- A. 3-->1-->4-->5-->8-->2-->6-->7
- B. 3-->4-->8-->7-->6-->1-->2-->5
- C. 2-->3-->1-->4-->6-->5-->7-->8
- D. 1-->2-->3-->4-->5-->6-->7-->8
Answer: B
NEW QUESTION # 29
Which of the following is NOT an image integrity tool?
- A. MD5 Calculator
- B. HashMyFiles
- C. HashCalc
- D. Netstat
Answer: D
NEW QUESTION # 30
James has been appointed as an incident handling and response (IH&R) team lead and was assigned to build an IH&R plan and his own team in the company. Identify the IH&R process step James is currently working on.
- A. Notification
- B. Preparation
- C. Eradication
- D. Recovery
Answer: B
NEW QUESTION # 31
Joseph is an incident handling and response (IH&R) team lead in Toro Network Solutions Company. As a part of the IH&R process, Joseph alerted the service providers, developers, and manufacturers about the affected resources. Identify the stage of the IH&R process Joseph is currently in.
- A. Eradication
- B. Recovery
- C. Incident triage
- D. Containment
Answer: D
NEW QUESTION # 32
A risk mitigation strategy determines the circumstances under which an action has to be taken to minimize and overcome risks. Identify the risk mitigation strategy that focuses on minimizing the probability of risk and losses by searching for vulnerabilities in the system and appropriate controls:
- A. Risk Assumption
- B. Risk absorption
- C. Risk limitation
- D. Research and acknowledgment
Answer: D
NEW QUESTION # 33
Malicious Micky has moved from the delivery stage to the exploitation stage of the kill chain. This malware wants to find and report to the command center any useful services on the system.
Which of the following recon attacks is the MOST LIKELY to provide this information?
- A. IP range sweep
- B. Packet sniffing
- C. Session hijack
- D. Port scan
Answer: D
NEW QUESTION # 34
Which of the following risk mitigation strategies involves the execution of controls to reduce the risk factor and bring it to an acceptable level, or accepts the potential risk and continues operating the IT system?
- A. Risk planning
- B. Risk avoidance
- C. Risk assumption
- D. Risk transference
Answer: C
