
Verified 212-89 dumps Q&As - 2024 Latest 212-89 Download
NEW QUESTION # 75
Which of the following may be considered as insider threat(s):
- A. An employee having no clashes with supervisors and coworkers
- B. An employee who gets an annual 7% salary raise
- C. Disgruntled system administrators
- D. An employee with an insignificant technical literacy and business process knowledge
Answer: C
NEW QUESTION # 76
Computer forensics is a methodical series of techniques and procedures for gathering evidence from computing equipment, various storage devices, and/or digital media that can be presented in a court of law in a coherent and meaningful format. Which one of the following is an appropriate flow of steps in the computer forensics process:
- A. Analysis > Preparation > Collection > Reporting > Examination
- B. Examination > Analysis > Preparation > Collection > Reporting
- C. Preparation > Analysis > Collection > Examination > Reporting
- D. Preparation > Collection > Examination > Analysis > Reporting
Answer: D
NEW QUESTION # 77
Identify the network security incident where intended or authorized users are prevented from using a system, network, or applications by flooding the network with a high volume of traffic that consumes all existing network resources.
- A. Denial-of-service
- B. XSS attack
- C. SQL injection
- D. URL manipulation
Answer: A
NEW QUESTION # 78
In which of the following phases of incident handling and response (IH&R) process are the identified security incidents analyzed, validated, categorized, and prioritized?
- A. Incident triage
- B. Containment
- C. Notification
- D. Incident recording and assignment
Answer: A
NEW QUESTION # 79
Which of the following is a type of malicious code or software that appears legitimate but can take control of your computer?
- A. Password attack
- B. Trojan attack
- C. DDoS
- D. Phishing attack
Answer: B
NEW QUESTION # 80
A host is infected by worms that propagate through a vulnerable service; the sign(s) of the presence of the worm include:
- A. System becomes unstable or crashes
- B. Established connection attempts targeted at the vulnerable services
- C. Decrease in network usage
- D. All the above
Answer: A
NEW QUESTION # 81
You are talking to a colleague who is deciding what information they should include in their organization's logs to help with security auditing.
Which of the following items should you tell them to NOT log?
- A. Source IP address
- B. Timestamp
- C. userid
- D. Session ID
Answer: D
NEW QUESTION # 82
Business continuity is defined as the ability of an organization to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault-tolerant systems, as well as a solid backup and recovery strategy. Which plan is a mandatory part of a business continuity plan?
- A. Forensics Procedure Plan
- B. New business strategy plan
- C. Business Recovery Plan
- D. Sales and Marketing plan
Answer: C
NEW QUESTION # 83
Ikeo Corp. hired an incident response team to assess the enterprise security. As part of the incident handling and response process, the IR team is reviewing the current security policies implemented by the enterprise. The IR team finds that employees of the organization do not have any restrictions on Internet access: they are allowed to visit any site, download any application, and access a computer or network from a remote location. Considering this as the main security threat, the IR team plans to change this policy as it can be easily exploited by attackers.
Which of the following security policies is the IR team planning to modify?
- A. Prudent policy
- B. Permissive policy
- C. Promiscuous policy
- D. Paranoid policy
Answer: C
NEW QUESTION # 84
Malicious software programs that infect computers and corrupt or delete the data on them.
The above-mentioned statement defines which of the following terms?
- A. Spyware
- B. Virus
- C. Trojan
- D. Worm
Answer: B
NEW QUESTION # 85
Your company holds a large amount of customer PII, and you want to protect those data from theft or unauthorized modification. Among other actions, you classify and encrypt the data.
In this process, which of the following OWASP security risks are you guarding against?
- A. Security misconfiguration
- B. Broken authentication
- C. Sensitive data exposure
- D. Insecure deserialization
Answer: C
NEW QUESTION # 86
An incident recovery plan is a statement of actions that should be taken before, during or after an incident.
Identify which of the following is NOT an objective of the incident recovery plan?
- A. Avoiding the legal liabilities arising due to incident
- B. Providing assurance that systems are reliable
- C. Providing a standard for testing the recovery plan
- D. Creating new business processes to maintain profitability after incident
Answer: D
NEW QUESTION # 87
If the browser does not expire the session when the user fails to log out properly, which of the following OWASP Top 10 web vulnerabilities is caused?
- A. A7: Cross-site scripting
- B. A5: Broken access control
- C. A2: Broken authentication
- D. A3: Sensitive data exposure
Answer: C
NEW QUESTION # 88
Lack of forensic readiness may result in:
- A. Data manipulation, deletion, and theft
- B. System downtime
- C. Loss of clients thereby damaging the organization's reputation
- D. All the above
Answer: D
NEW QUESTION # 89
The product of intellect that has commercial value and includes copyrights and trademarks is called:
- A. Intellectual property
- B. Logos
- C. Patents
- D. Trade secrets
Answer: A
NEW QUESTION # 90
A payroll system has a vulnerability that cannot be exploited by current technology. Which of the following is correct about this scenario:
- A. The risk is accepted
- B. The risk must be transferred immediately
- C. The risk must be urgently mitigated
- D. The risk is not present at this time
Answer: D
NEW QUESTION # 91
Chandler is a professional hacker who is targeting an organization called Technote. He wants to obtain important organizational information that is being transmitted between different hierarchies. In the process, he is sniffing the data packets transmitted through the network and then analyzing them to gather packet details such as network, ports, protocols, devices, issues in network transmission, and other network specifications.
Which of the following tools would Chandler employ to perform packet analysis?
- A. OmniPeek
- B. IDA Pro
- C. Sharp
- D. BeEF
Answer: A
NEW QUESTION # 92
One of the goals of CSIRT is to manage security problems by taking a certain approach towards the customers' security vulnerabilities and by responding effectively to potential information security incidents. Identify the incident response approach that focuses on developing the infrastructure and security processes before the occurrence or detection of an event or any incident:
- A. Introductive approach
- B. Qualitative approach
- C. Proactive approach
- D. Interactive approach
Answer: C
NEW QUESTION # 93
Risk management consists of three processes: risk assessment, mitigation, and evaluation. Risk assessment determines the extent of the potential threat and the risk associated with an IT system through its SDLC. How many primary steps does NIST's risk assessment methodology involve?
- A. Four
- B. Nine
- C. Six
- D. Twelve
Answer: B