
ECIH Certification 212-89 practice question set: online exam practice test with detailed explanations! Pass 212-89 stress-free!
The 212-89 practice test has been updated to the latest 2024 version
Question # 80
What is the best staffing model for an incident response team if current employees' expertise is very low?
- A. Partially outsourced
- B. Fully insourced
- C. Fully outsourced
- D. All the above
Correct answer: C
Question # 81
Clark, a professional hacker, successfully exploited the web application of a target organization by tampering with form and parameter values. Consequently, Clark gained access to the information assets of the organization.
Which of the following is the web-application vulnerability exploited by the attacker?
- A. Broken access control
- B. SQL injection
- C. Security misconfiguration
- D. Sensitive data exposure
Correct answer: B
Question # 82
The goal of incident response is to handle the incident in a way that minimizes damage and reduces recovery time and cost. Which of the following does NOT constitute a goal of incident response?
- A. Helping personnel to recover quickly and efficiently from security incidents, minimizing loss or theft and disruption of services.
- B. Using information gathered during incident handling to prepare for handling future incidents in a better way and to provide stronger protection for systems and data.
- C. Dealing properly with legal issues that may arise during incidents.
- D. Dealing with human resources department and various employee conflict behaviors.
Correct answer: D
Question # 83
Which of the following is not the responsibility of first responders?
- A. Identifying the crime scene
- B. Preserving temporary and fragile evidence and then shutting down or rebooting the victim's computer
- C. Protecting the crime scene
- D. Packaging and transporting the electronic evidence
Correct answer: B
Question # 84
An organization faced an information security incident where a disgruntled employee passed sensitive access control information to a competitor. The organization's incident response manager, upon investigation, found that the incident must be handled within a few hours on the same day to maintain business continuity and market competitiveness. How would you categorize such an information security incident?
- A. High level incident
- B. Middle level incident
- C. Ultra-High level incident
- D. Low level incident
Correct answer: A
Question # 85
Mr. Smith is a lead incident responder of a small financial enterprise having few branches in Australia. Recently, the company suffered a massive attack, losing USD 5 million through an inter-banking system. After in-depth investigation of the case, it was found that the incident occurred because 6 months ago the attackers penetrated the network through a minor vulnerability and maintained access without any user being aware of it. Then, the attacker tried to delete users' fingerprints and performed a lateral movement to the computer of a person with privileges in the inter-banking system. Finally, the attacker gained access and did fraudulent transactions.
Based on the above scenario, identify the most accurate kind of attack.
- A. Denial-of-service attack
- B. APT attack
- C. Ransomware attack
- D. Phishing
Correct answer: B
Question # 86
A US Federal Agency network was the target of a DoS attack that prevented and impaired the normal authorized functionality of the networks. According to the agency's reporting timeframe guidelines, this incident should be reported within 2 h of discovery/detection if the successful attack is still ongoing and the agency is unable to successfully mitigate the activity.
Which incident category of US Federal Agency does this incident belong to?
- A. CAT 1
- B. CAT 6
- C. CAT 2
- D. CAT 5
Correct answer: C
Question # 87
Which of the following does NOT reduce the success rate of SQL injection?
- A. Close unnecessary application services and ports on the server.
- B. Constrain legitimate characters to exclude special characters.
- C. Automatically lock a user account after a predefined number of invalid login attempts within a predefined interval
- D. Limit the length of the input field.
Correct answer: A
Question # 88
In which of the following types of fuzz testing strategies is the new data generated from scratch and the amount of data to be generated predefined based on the testing model?
- A. Mutation-based fuzz testing
- B. Generation-based fuzz testing
- C. Log-based fuzz testing
- D. Protocol-based fuzz testing
Correct answer: A
Question # 89
Digital evidence plays a major role in prosecuting cyber criminals. John, a cyber-crime investigator, is asked to investigate a child pornography case. The personal computer of the criminal in question was confiscated by the county police. Which of the following evidence will lead John in his investigation?
- A. Web browser history
- B. Routing table list
- C. Web server log
- D. SAM file
Correct answer: A
Question # 90
Which of the following terms refers to vulnerable account management functions, including account update, recovery of forgotten or lost passwords, and password reset, that might weaken valid authentication schemes?
- A. Directory traversal
- B. Broken account management
- C. Cross-site scripting
- D. SQL injection
Correct answer: B
Question # 91
SWA Cloud Services added PKI as one of their cloud security controls.
What does PKI stand for?
- A. Public key infrastructure
- B. Private key information
- C. Private key infrastructure
- D. Public key information
Correct answer: A
Question # 92
Which of the following is NOT one of the Computer Forensic types:
- A. Email Forensics
- B. USB Forensics
- C. Image Forensics
- D. Forensic Archaeology
Correct answer: D
Question # 93
A self-replicating malicious code that does not alter files but resides in active memory and duplicates itself, spreads through the infected network automatically and takes advantage of file or information transport features on the system to travel independently is called:
- A. Virus
- B. Worm
- C. RootKit
- D. Trojan
Correct answer: B
Question # 94
Which of the following risk mitigation strategies involves the execution of controls to reduce the risk factor and bring it to an acceptable level, or accepts the potential risk and continues operating the IT system?
- A. Risk avoidance
- B. Risk planning
- C. Risk assumption
- D. Risk transference
Correct answer: C
Question # 95
James is working as an incident responder at CyberSol Inc. The management instructed James to investigate a cybersecurity incident that recently happened in the company. As a part of the investigation process, James started collecting volatile information from a system running the Windows operating system.
Which of the following commands helps James in determining all the executable files for running processes?
- A. doskey/history
- B. netstat -ab
- C. date /t & time /t
- D. top
Correct answer: C