Pass 212-89 Exam in First Attempt Guaranteed 2021 Dumps! [Q68-Q86]

212-89 Dumps Full Questions - Exam Study Guide

NEW QUESTION 68
The individual who recovers, analyzes, and preserves computer and related materials to be presented as evidence in a court of law and identifies the evidence, estimates the potential impact of the malicious activity on the victim, and assesses the intent and identity of the perpetrator is called:

  • A. All the above
  • B. Computer Forensic Investigator
  • C. Digital Forensic Examiner
  • D. Computer Hacking Forensic Investigator

Answer: A

 

NEW QUESTION 69
One of the goals of CSIRT is to manage security problems by taking a certain approach towards the customers' security vulnerabilities and by responding effectively to potential information security incidents. Identify the incident response approach that focuses on developing the infrastructure and security processes before the occurrence or detection of an event or any incident:

  • A. Interactive approach
  • B. Introductive approach
  • C. Qualitative approach
  • D. Proactive approach

Answer: D

 

NEW QUESTION 70
The type of relationship between a CSIRT and its constituency has an impact on the services provided by the CSIRT. Identify the level of authority that enables members of the CSIRT to undertake any necessary actions on behalf of their constituency:

  • A. Mid-level authority
  • B. Half-level authority
  • C. Full-level authority
  • D. Shared-level authority

Answer: C

 

NEW QUESTION 71
A self-replicating malicious code that does not alter files but resides in active memory and duplicates itself, spreads through the infected network automatically and takes advantage of file or information transport features on the system to travel independently is called:

  • A. Trojan
  • B. Worm
  • C. Virus
  • D. RootKit

Answer: B

 

NEW QUESTION 72
The network perimeter should be configured in such a way that it denies all incoming and outgoing traffic/services that are not required. Which service listed below, if blocked, can help in preventing a Denial of Service attack?

  • A. SAM service
  • B. Echo service
  • C. SMTP service
  • D. POP3 service

Answer: B

 

NEW QUESTION 73
Insider threats can be detected by observing concerning behaviors exhibited by insiders, such as conflicts with supervisors and coworkers, decline in performance, tardiness or unexplained absenteeism. Select the technique that helps in detecting insider threats:

  • A. Protecting computer systems by implementing proper controls
  • B. Correlating known patterns of suspicious and malicious behavior
  • C. Making it compulsory for employees to sign a non-disclosure agreement
  • D. Categorizing information according to its sensitivity and access rights

Answer: B

 

NEW QUESTION 74
The ability of an agency to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault tolerant systems, as well as a solid backup and recovery strategy is known as:

  • A. Business Continuity Plan
  • B. Contingency Planning
  • C. Disaster Planning
  • D. Business Continuity

Answer: D

 

NEW QUESTION 75
The service organization that provides 24x7 computer security incident response services to any user, company, government agency, or organization is known as:

  • A. Vulnerability Assessor
  • B. Digital Forensics Examiner
  • C. Computer Security Incident Response Team (CSIRT)
  • D. Security Operations Center (SOC)

Answer: C

 

NEW QUESTION 76
Keyloggers do NOT:

  • A. Secretly record URLs visited in the browser, keystrokes, chat conversations, etc.
  • B. Run in the background
  • C. Alter system files
  • D. Send the log file to the attacker's email or upload it to an FTP server

Answer: C

 

NEW QUESTION 77
Identify the network security incident where intended authorized users are prevented from using systems, networks, or applications by flooding the network with a high volume of traffic that consumes all existing network resources.

  • A. XSS Attack
  • B. URL Manipulation
  • C. SQL Injection
  • D. Denial of Service Attack

Answer: D

 

NEW QUESTION 78
A risk mitigation strategy determines the circumstances under which an action has to be taken to minimize and overcome risks. Identify the risk mitigation strategy that focuses on minimizing the probability of risk and losses by searching for vulnerabilities in the system and appropriate controls:

  • A. Risk Assumption
  • B. Research and acknowledgment
  • C. Risk limitation
  • D. Risk absorption

Answer: B

 

NEW QUESTION 79
CERT members can provide critical support services to first responders such as:

  • A. Organizing spontaneous volunteers at a disaster site
  • B. Consolidated automated service process management platform
  • C. A + C
  • D. Immediate assistance to victims

Answer: C

 

NEW QUESTION 80
Policies are designed to protect the organizational resources on the network by establishing a set of rules and procedures. Which of the following policies authorizes a group of users to perform a set of actions on a set of resources?

  • A. Audit trail policy
  • B. Documentation policy
  • C. Access control policy
  • D. Logging policy

Answer: C

 

NEW QUESTION 81
The steps followed to recover computer systems after an incident are:

  • A. System validation, restoration, operation and monitoring
  • B. System restoration, validation, operation and monitoring
  • C. System monitoring, validation, operation and restoration
  • D. System restoration, operation, validation, and monitoring

Answer: B

 

NEW QUESTION 82
Incident handling and response steps help you to detect, identify, respond and manage an incident. Which of the following helps in recognizing and separating the infected hosts from the information system?

  • A. Configuring firewall to default settings
  • B. Inspecting the processes running on the system
  • C. Browsing particular government websites
  • D. Sending mail only to a group of friends

Answer: B

 

NEW QUESTION 83
An incident is analyzed for its nature, intensity and its effects on the network and systems. Which stage of the incident response and handling process involves auditing the system and network log files?

  • A. Containment
  • B. Identification
  • C. Incident recording
  • D. Reporting

Answer: B

 

NEW QUESTION 84
An access control policy authorizes a group of users to perform a set of actions on a set of resources. Access to resources is based on necessity and on whether a particular job role requires the use of those resources. Which of the following is NOT a fundamental element of an access control policy?

  • A. Action group: group of actions performed by the users on resources
  • B. Access group: group of users to which the policy applies
  • C. Development group: group of persons who develop the policy
  • D. Resource group: resources controlled by the policy

Answer: C

 

NEW QUESTION 85
The correct sequence of the incident management process is:

  • A. Prepare, protect, detect, respond and triage
  • B. Prepare, detect, protect, triage and respond
  • C. Prepare, protect, triage, detect and respond
  • D. Prepare, protect, detect, triage and respond

Answer: D

 

NEW QUESTION 86
......
