212-89 実際試験問題と解答 - 模擬練習 - 受験自信を増やす

Question No : 1
Identify the malicious program that is masked as a genuine harmless program and gives the attacker unrestricted access to the users information and system. These programs may unleash dangerous programs that may erase the unsuspecting user's disk and send the victim's credit card numbers and passwords to a stranger.

A.Virus
B.Adware
C.Worm
D.Trojan

正解:

Question No : 2
Jacobi san employee in Dolphin Investment firm. While he was on his duty, he identified that his computer is facing some problems and he wanted to convey the issue to the respective authority in his organization.
But currently this organization does not have a ticketing system to address such types of issues.
In the above scenario, which of the following ticketing systems can be employed by the Dolphin Investment firm to allow Jacob to raise the issue in order to tell the respective team about the incident?

A.ThreatConnec
B.IBM XForce Exchange
C.ManageEngine ServiceDesk Plus
D.MISP

正解:

Question No : 3
Define a policy that determines the pathway to legally extract electronic evidence with minimal disruption
Identify the correct sequence of steps involved in forensic readiness planning.

A.2-->3-->1->4->6->5-->7-->8
B.3-->4-->8->7->6->1-->2-->5
C.3-->1-->4->5->8->2-->6-->7
D.1-->2-->3->4->5->6-->7-->8

正解:

Question No : 4
Marley was asked by his incident handing and response (IH&R) team lead to collect volatile data such as system information and network information present in the registries, cache, and RAM of victim's system.
Identify the data acquisition method Marley must employ to collect volatile data.

A.Live data acquisition
B.Validate data acquisition
C.Remote data acquisition
D.Static data acquisition

正解:

Question No : 5
Andrew, an incident responder, is performing risk assessment of the client organization. As a part of the risk assessment process, he identified the boundaries of the IT systems, along with the resources and the information that constitute the systems.
Identify the risk assessment step Andrew is performing.

A.Likelihood determination
B.System characterization
C.Control analysis
D.Control recommendations

正解:

Question No : 6
Dash wants to perform a DoS attack over 256 target URLs simultaneously.
Which of the following tools can Dash employ to achieve his objective?

A.Ollydbg
B.IDA Pro
C.HOIC
D.Open VAS

正解:

Question No : 7
John is a professional hacker who is performing an attack on the target organization where he tries to redirect the connection between the IP address and its target server such that when the users type in the Internet address, it redirects them to a rogue website that resembles the original website. He tries this attack using cache poisoning technique.
Identify the type of attack John is performing on the target organization.

A.Pharming
B.Skimming
C.War driving
D.Pre texting

正解:

Question No : 8
Eve is an incident handler in ABC organization. One day, she got a complaint about an email hacking incident from one of the employees of the organization. As a part of incident handling and response process, she must follow a number of recovery steps in order to recover from the incident impact and maintain business continuity.
What is the first step that she must do to secure the employee's account?

A.Disabling automatic filesharing between the systems
B.Restore the email services and change the password
C.Enable scanning of links and attachments in all the emails
D.Enable two-factor authentication

正解:

Question No : 9
Browser data can be used to access various credentials.
Which of the following tools is used to analyze the history data files in Microsoft Edge browser?

A.MZ History View
B.Browsing History View
C.Chrome History View
D.MZ Cache View

正解:

Question No : 10
In which of the following phases of incident handling and response (IH&R) process are the identified security incidents analyzed, validated, categorized, and prioritized?

A.Incident triage
B.Notification
C.Incident recording and assignment
D.Containment

正解:

Question No : 11
Create a vulnerability scan report
Identify the correct sequence of vulnerability assessment steps performed by the incident responders.

A.4-->1-->2->3->6->5-->7
B.3-->6-->1->2->5->4-->7
C.1-->3-->2->4->5->6-->7
D.2-->1-->4->7->5->6-->3

正解:

Question No : 12
Which of the following information security personnel handles incidents from management and technical point of view?

A.Network administrators
B.Incident manager (IM)
C.Forensic investigators
D.Threat researchers

正解:

Question No : 13
A US Federal Agency network was the target of a DoS attack that prevented and impaired the normal authorized functionality of the networks. According to the agency's reporting timeframe guidelines, this incident should be reported within 2h of discovery/detection if the successful attack is still ongoing and the agency is unable to successfully mitigate the activity.
Which incident category of US Federal Agency does this incident belong to?

A.CAT 5
B.CAT 6
C.CAT 2
D.CAT 1

正解:

Question No : 14
Zaimasoft, a prominent IT organization, was attacked by perpetrators who directly targeted the hardware and caused irreversible damage to the hardware. In result, replacing or reinstalling the hardware was the only solution. Identify the type of denial-of-service attack performed on Zaimasoft.

A.DDoS
B.DRDoS
C.PDoS
D.DoS

正解:

Question No : 15
Eric is an incident responder and is working on developing incident-handling plans and procedures. As part of this process, he is performing an analysis on the organizational network to generate a report and develop policies based on the acquired results.
Which of the following tools will help him in analyzing his network and the related traffic?

A.FaceNiff
B.Burp Suite
C.Wireshark
D.Whois

正解:

EC-Council 212-89 問題練習