30 November, 2021

The Update Guide To 212-89 Braindumps

Pass4sure 212-89 Questions are updated and all 212-89 answers are verified by experts. Once you have completely prepared with our 212-89 exam prep kits you will be ready for the real 212-89 exam without a problem. We have Avant-garde EC-Council 212-89 dumps study guide. PASSED 212-89 First attempt! Here What I Did.

Also have 212-89 free dumps questions for you:

Page: 1 / 13

Total 163 questions Full Exam Access

Question 1

The data on the affected system must be backed up so that it can be retrieved if it is damaged during incident response. The system backup can also be used for further investigations of the incident. Identify the stage of the incident response and handling process in which complete backup of the infected system is carried out?

Containment

Eradication

Incident recording

Incident investigation

Question 2

To recover, analyze, and preserve computer and related materials in such a way that it can be presented as evidence in a court of law and identify the evidence in short time, estimate the potential impact of the malicious activity on the victim, and assess the intent and identity of the perpetrator is known as:

Computer Forensics

Digital Forensic Analysis

Forensic Readiness

Digital Forensic Examiner

Question 3

Which of the following is a characteristic of adware?

Gathering information

Displaying popups

Intimidating users

Replicating

Question 4

The most common type(s) of intellectual property is(are):

Copyrights and Trademarks

Patents

Industrial design rights & Trade secrets

All the above

Question 5

The main difference between viruses and worms is:

Worms require a host file to propagate while viruses don’t

Viruses require a host file to propagate while Worms don’t

Viruses don’t require user interaction; they are self-replicating malware

Viruses and worms are common names for the same malware

Question 6

The message that is received and requires an urgent action and it prompts the recipient to delete certain files or forward it to others is called:

An Adware

Mail bomb

A Virus Hoax

Spear Phishing

Question 7

The largest number of cyber-attacks are conducted by:

Insiders

Outsiders

Business partners

Suppliers

Question 8

The typical correct sequence of activities used by CSIRT when handling a case is:

Log, inform, maintain contacts, release information, follow up and reporting

Log, inform, release information, maintain contacts, follow up and reporting

Log, maintain contacts, inform, release information, follow up and reporting

Log, maintain contacts, release information, inform, follow up and reporting

Question 9

The Malicious code that is installed on the computer without user’s knowledge to acquire information from the user’s machine and send it to the attacker who can access it remotely is called:

Spyware

Logic Bomb

Trojan

Worm

Question 10

Authorized users with privileged access who misuse the corporate informational assets and directly affects the confidentiality, integrity, and availability of the assets are known as:

Outsider threats

Social Engineers

Insider threats

Zombies

Question 11

Absorbing minor risks while preparing to respond to major ones is called:

Risk Mitigation

Risk Transfer

Risk Assumption

Risk Avoidance

Question 12

Total cost of disruption of an incident is the sum of

Tangible and Intangible costs

Tangible cost only

Intangible cost only

Level Two and Level Three incidents cost

Question 13

A self-replicating malicious code that does not alter files but resides in active memory and duplicates itself, spreads through the infected network automatically and takes advantage of file or information transport features on the system to travel independently is called:

Trojan

Worm

Virus

RootKit

Question 14

Which policy recommends controls for securing and tracking organizational resources:

Access control policy

Administrative security policy

Acceptable use policy

Asset control policy

Question 15

In the Control Analysis stage of the NIST’s risk assessment methodology, technical and none technical control methods are classified into two categories. What are these two control categories?

Preventive and Detective controls

Detective and Disguised controls

Predictive and Detective controls

Preventive and predictive controls

Question 16

Incidents such as DDoS that should be handled immediately may be considered as:

Level One incident

Level Two incident

Level Three incident

Level Four incident

Question 17

A Malicious code attack using emails is considered as:

Malware based attack

Email attack

Inappropriate usage incident

Multiple component attack

Question 18

The insider risk matrix consists of technical literacy and business process knowledge vectors. Considering the matrix, one can conclude that:

If the insider’s technical literacy is low and process knowledge is high, the risk posed by the threat will be insignificant.

If the insider’s technical literacy and process knowledge are high, the risk posed by the threat will be insignificant.

If the insider’s technical literacy is high and process knowledge is low, the risk posed by the threat will be high.

If the insider’s technical literacy and process knowledge are high, the risk posed by the threat will be high.

Page: 1 / 13

Total 163 questions Full Exam Access