[Q101-Q121] Free 212-89 Exam Files Downloaded Instantly UPDATED [2023]


NEW QUESTION # 101
A security policy will take the form of a document or a collection of documents, depending on the situation or
usage. It can become a point of reference in case a violation occurs that results in dismissal or other penalty.
Which of the following is NOT true for a good security policy?

  • A. It must be approved by a court of law after verification of the stated terms and facts
  • B. It must be enforceable with security tools where appropriate and with sanctions where actual prevention is
    not technically feasible
  • C. It must be implemented through system administration procedures, publishing of acceptable use guidelines
    or other appropriate methods
  • D. It must clearly define the areas of responsibilities of the users, administrators and management

Answer: A


NEW QUESTION # 102
An access control policy authorizes a group of users to perform a set of actions on a set of resources. Access to resources is based on necessity and on whether a particular job role requires the use of those resources. Which of the following is NOT a fundamental element of an access control policy?

  • A. Action group: group of actions performed by the users on resources
  • B. Access group: group of users to which the policy applies
  • C. Resource group: resources controlled by the policy
  • D. Development group: group of persons who develop the policy

Answer: D


NEW QUESTION # 103
BadGuy Bob hid files in the slack space, changed the file headers, hid suspicious files in executables, and changed the metadata for all types of files on his hacker laptop.
What has he committed?

  • A. Felony
  • B. Legal hostility
  • C. Anti-forensics
  • D. Adversarial mechanics

Answer: C


NEW QUESTION # 104
Any information of probative value that is either stored or transmitted in a digital form during a computer crime is called:

  • A. Digital evidence
  • B. Digital Forensic Examiner
  • C. Computer Emails
  • D. Digital investigation

Answer: A


NEW QUESTION # 105
Risk management consists of three processes: risk assessment, mitigation and evaluation. Risk assessment determines the extent of the potential threat and the risk associated with an IT system through its SDLC. How many primary steps does NIST's risk assessment methodology involve?

  • A. Nine
  • B. Four
  • C. Six
  • D. Twelve

Answer: A


NEW QUESTION # 106
Incidents such as DDoS that should be handled immediately may be considered as:

  • A. Level Three incident
  • B. Level Two incident
  • C. Level One incident
  • D. Level Four incident

Answer: A


NEW QUESTION # 107
One of the main objectives of incident management is to prevent incidents and attacks by tightening the
physical security of the system or infrastructure. According to CERT's incident management process, which
stage focuses on implementing infrastructure improvements resulting from postmortem reviews or other
process improvement mechanisms?

  • A. Detection
  • B. Protection
  • C. Triage
  • D. Preparation

Answer: B


NEW QUESTION # 108
Ikeo Corp. hired an incident response team to assess the enterprise security. As part of the incident handling and response process, the IR team is reviewing the current security policies implemented by the enterprise. The IR team finds that employees of the organization do not have any restrictions on Internet access: they are allowed to visit any site, download any application, and access a computer or network from a remote location. Considering this as the main security threat, the IR team plans to change this policy as it can be easily exploited by attackers.
Which of the following security policies is the IR team planning to modify?

  • A. Permissive policy
  • B. Paranoid policy
  • C. Prudent policy
  • D. Promiscuous policy

Answer: D


NEW QUESTION # 109
A methodical series of techniques and procedures for gathering evidence, from computing equipment and various storage devices and digital media, that can be presented in a court of law in a coherent and meaningful format is called:

  • A. Computer Forensics
  • B. Steganalysis
  • C. Forensic Analysis
  • D. Forensic Readiness

Answer: A


NEW QUESTION # 110
Digital evidence plays a major role in prosecuting cyber criminals. John, a cyber-crime investigator, is asked to investigate a child pornography case. The personal computer of the criminal in question was confiscated by the county police. Which of the following evidence will lead John in his investigation?

  • A. Web server log
  • B. Routing table list
  • C. Web browser history
  • D. SAM file

Answer: C


NEW QUESTION # 111
Which of the following are malicious software programs that infect computers and corrupt or delete the data on them?

  • A. Trojans
  • B. Spyware
  • C. Virus
  • D. Worms

Answer: C


NEW QUESTION # 112
Contingency planning enables organizations to develop and maintain effective methods to handle emergencies. Every organization will have its own specific requirements that the planning should address. There are five major components of the IT contingency plan, namely supporting information, notification/activation, recovery, reconstitution, and plan appendices. What is the main purpose of the reconstitution plan?

  • A. To provide the introduction and detailed concept of the contingency plan
  • B. To restore the original site, test systems to prevent the incident, and terminate operations
  • C. To provide a sequence of recovery activities with the help of recovery procedures
  • D. To define the notification procedures and damage assessments, and offer the plan activation

Answer: B


NEW QUESTION # 113
Stanley works as an incident responder at a top MNC based in Singapore. He was asked to investigate a cybersecurity incident that recently occurred in the company. While investigating the incident, he collected evidence from the victim systems. He must present this evidence in a clear and comprehensible manner to the members of a jury so that the evidence clarifies the facts and further helps in obtaining an expert opinion on the incident to confirm the investigation process.
In the above scenario, which of the following characteristics of the digital evidence did Stanley attempt to preserve?

  • A. Admissibility
  • B. Completeness
  • C. Believability
  • D. Authenticity

Answer: C


NEW QUESTION # 114
Which stage of the incident response and handling process involves auditing the system and network log files?

  • A. Incident disclosure
  • B. Containment
  • C. Incident triage
  • D. Incident eradication

Answer: C


NEW QUESTION # 115
Which of the following digital evidence is temporarily stored on a digital device that requires a constant power supply and is deleted if the power supply is interrupted?

  • A. Swap file
  • B. Process memory
  • C. Slack space
  • D. Event logs

Answer: B


NEW QUESTION # 116
Common name(s) for CSIRT is(are)

  • A. Security Incident Response Team (SIRT)
  • B. Incident Response Team (IRT)
  • C. All the above
  • D. Incident Handling Team (IHT)

Answer: C


NEW QUESTION # 117
________________ attach(es) to files

  • A. Spyware
  • B. Adware
  • C. Viruses
  • D. Worms

Answer: C


NEW QUESTION # 118
Drake is an incident handler at Dark Cloud Inc. He is tasked with performing log analysis in order to detect traces of malicious activities within the network infrastructure.
Which of the following tools should Drake employ in order to view logs in real time and identify malware propagation within the network?

  • A. Hydra
  • B. LOIC
  • C. Splunk
  • D. HULK

Answer: C


NEW QUESTION # 119
Which of the following types of insider threats involves an insider who is uneducated on potential security threats or simply bypasses general security procedures to meet workplace efficiency?

  • A. Malicious insider
  • B. Professional insider
  • C. Negligent insider
  • D. Compromised insider

Answer: C


NEW QUESTION # 120
To whom should an information security incident be reported?

  • A. Human resources and Legal Department
  • B. It should not be reported at all and it is better to resolve it internally
  • C. It should be reported according to the incident reporting & handling policy
  • D. Chief Information Security Officer

Answer: C


NEW QUESTION # 121
......
