Prep4sures 212-89 Exam Questions Real 212-89 Practice Dumps [Q25-Q48]

Share

Prep4sures 212-89 Exam Questions | Real 212-89 Practice Dumps

Verified 212-89 Exam Dumps Q&As - Provide 212-89 with Correct Answers

NEW QUESTION # 25
The free, open source, TCP/IP protocol analyzer, sniffer and packet capturing utility standard across many
industries and educational institutions is known as:

  • A. Snort
  • B. nmap
  • C. Cain & Able
  • D. Wireshark

Answer: D


NEW QUESTION # 26
Racheal is an incident handler working at an organization called Inception Tech. Recently, numerous employees have been complaining about receiving emails from unknown senders. In order to prevent employees from spoof ng emails and keeping security in mind, Racheal was asked to take appropriate actions in this matter. As a part of her assignment, she needs to analyze the email headers to check the authenticity of received emails.
Which of the following protocol/authentication standards she must check in email header to analyze the email authenticity?

  • A. POP
  • B. DKIM
  • C. ARP
  • D. SNMP

Answer: B


NEW QUESTION # 27
John, a professional hacker, is attacking an organization, and is trying to destroy the connectivity between an AP and client to make the target unavailable to other wireless devices.
Which of the following attacks is John performing in this case?

  • A. Denial-of-service
  • B. EAP failure
  • C. Routing attack
  • D. Disassociation attack

Answer: A


NEW QUESTION # 28
Computer Forensics is the branch of forensic science in which legal evidence is found in any computer or any digital media device. Of the following, who is responsible for examining the evidence acquired and separating the useful evidence?

  • A. Evidence Manager
  • B. Evidence Examiner/ Investigator
  • C. Evidence Documenter
  • D. Evidence Supervisor

Answer: B


NEW QUESTION # 29
If the loss anticipated is greater than the agreed upon threshold; the organization will:

  • A. Accept the risk but after management approval
  • B. Accept the risk
  • C. Mitigate the risk
  • D. Do nothing

Answer: C


NEW QUESTION # 30
Which of the following is a type of malicious code or software that appears legitimate but can take control of your computer?

  • A. DDoS
  • B. Password attack
  • C. Phishing attack
  • D. Trojan attack

Answer: D


NEW QUESTION # 31
In the cloud environment, an authorized security professional executes approved sanitation procedures using approved utilities to permanently remove data spilled from contaminated information systems and applications in the cloud.
This is an example of which of the following?

  • A. Cloud auditor
  • B. Cloud broker
  • C. Cloud eradication
  • D. Cloud computing

Answer: A


NEW QUESTION # 32
Computer Forensics is the branch of forensic science in which legal evidence is found in any computer or any
digital media device. Of the following, who is responsible for examining the evidence acquired and separating
the useful evidence?

  • A. Evidence Manager
  • B. Evidence Examiner/ Investigator
  • C. Evidence Documenter
  • D. Evidence Supervisor

Answer: B


NEW QUESTION # 33
Which is the incorrect statement about Anti-keyloggers scanners:

  • A. Software tools
  • B. Run in stealthy mode to record victims online activity
  • C. Detect already installed Keyloggers in victim machines

Answer: B


NEW QUESTION # 34
A self-replicating malicious code that does not alter files but resides in active memory and duplicates itself, spreads through the infected network automatically and takes advantage of file or information transport features on the system to travel independently is called:

  • A. Trojan
  • B. Virus
  • C. Worm
  • D. RootKit

Answer: C


NEW QUESTION # 35
Eve is an incident handler in ABC organization. One day, she got a complaint about an email hacking incident from one of the employees of the organization. As a part of incident handling and response process, she must follow a number of recovery steps in order to recover from the incident impact and maintain business continuity.
What is the first step that she must do to secure the employee's account?

  • A. Disabling automatic filesharing between the systems
  • B. Enable two-factor authentication
  • C. Enable scanning of links and attachments in all the emails
  • D. Restore the email services and change the password

Answer: D


NEW QUESTION # 36
Employee monitoring tools are mostly used by employers to find which of the following?

  • A. Conspiracies
  • B. Lost registry keys
  • C. Stolen credentials
  • D. Malicious insider threats

Answer: D


NEW QUESTION # 37
Incident management team provides support to all users in the organization that are affected by the threat or
attack. The organization's internal auditor is part of the incident response team. Identify one of the
responsibilities of the internal auditor as part of the incident response team:

  • A. Configure information security controls
  • B. Identify and report security loopholes to the management for necessary actions
  • C. Coordinate incident containment activities with the information security officer
  • D. Perform necessary action to block the network traffic from suspected intruder

Answer: B


NEW QUESTION # 38
Drake is an incident handler at Dark Cloud Inc. He is tasked with performing log analysis to detect traces of malicious activities within the network infrastructure.
Which of the following tools should Drake employ to view logs in real time and identify malware propagation within the network?

  • A. HULK
  • B. LOIC
  • C. Splunk
  • D. Hydra

Answer: C


NEW QUESTION # 39
Matt is an incident handler working for one of the largest social network companies, which was affected by malware. According to the company's reporting timeframe guidelines, a malware incident should be reported within 1 h of discovery/detection after its spread across the company.
Which category does this incident belong to?

  • A. CAT 4
  • B. CAT 2
  • C. CAT 3
  • D. CAT 1

Answer: C


NEW QUESTION # 40
The USB tool (depicted below) that is connected to male USB Keyboard cable and not detected by anti-
spyware tools is most likely called:

  • A. Hardware Keylogger
  • B. Anti-Keylogger
  • C. USB adapter
  • D. Software Key Grabber

Answer: A

Explanation:
Explanation


NEW QUESTION # 41
Jason is an incident handler dealing with malware incidents. He was asked to perform a memory dump analysis in order to collect the information about the basic functionality of any program. As apart of his assignment, he needs to perform string search analysis to search for the malicious string that could determine the harmful actions that a program can perform.
Which of the following string-searching tools does Jason need to use to perform the intended task?

  • A. Process Explorer
  • B. Dependency Walker Information about the resource is in the response body.
  • C. Bin Text
  • D. PE View

Answer: C


NEW QUESTION # 42
An incident recovery plan is a statement of actions that should be taken before, during or after an incident. Identify which of the following is NOT an objective of the incident recovery plan?

  • A. Avoiding the legal liabilities arising due to incident
  • B. Creating new business processes to maintain profitability after incident
  • C. Providing assurance that systems are reliable
  • D. Providing a standard for testing the recovery plan

Answer: B


NEW QUESTION # 43
John is performing a memory dump analysis in order to find traces of malware. He has employed Volatility tool in order to achieve his objective.
Which of the following volatility framework command she will use in order to analyze the running process from the memory dump?

  • A. python vol.py imageinfo -f/root/Desktop/memdump.mem
  • B. python vol.py hivelist-prof le=Win2008SP1x86 -f/root Desktop/memdump.mem
  • C. python vol.py pslist-profile=Win2008SP1x86 -f/root/Desktop/memdump.mem
  • D. python vol.py svcscan--profile=Win2008SP1x86 -f/root/Desktop/memdump.mem | more

Answer: C


NEW QUESTION # 44
Installing a password cracking tool, downloading pornography material, sending emails to colleagues which
irritates them and hosting unauthorized websites on the company's computer are considered:

  • A. Inappropriate usage incidents
  • B. Network based attacks
  • C. Unauthorized access attacks
  • D. Malware attacks

Answer: A


NEW QUESTION # 45
Which stage of the incident response and handling process involves auditing the system and network log files?

  • A. Incident triage
  • B. Incident eradication
  • C. Containment
  • D. Incident disclosure

Answer: A


NEW QUESTION # 46
Which of the following options describes common characteristics of phishing emails?

  • A. Sent from friends or colleagues
  • B. No BCC fields
  • C. Urgency, threatening, or promising subject lines
  • D. Written in French

Answer: C


NEW QUESTION # 47
Tom received a phishing email and accidentally opened its attachment. This resulted in the redirection of all traffic to a fraudulent website.
What type of phishing attack occurred in this scenario?

  • A. Spear phishing
  • B. Spimming
  • C. Whaling
  • D. Pharming

Answer: A


NEW QUESTION # 48
......

Get Top-Rated EC-COUNCIL 212-89 Exam Dumps Now: https://www.prep4sures.top/212-89-exam-dumps-torrent.html

Pass Your 212-89 Dumps Free Latest EC-COUNCIL Practice Tests: https://drive.google.com/open?id=1n0C-IXNkHweAX4tC9AxGsAkLemnOQsC7