
Free, up-to-date EC-COUNCIL practice test: 212-89 exam question set
212-89 exam questions, real 212-89 practice question set
Question 97
What is the name of the type of malicious software or malware designed to deny access to a computer system or data until money is paid?
- A. Adware
- B. Spyware
- C. Virus
- D. Ransomware
Correct answer: D
Question 98
Which of the following is a risk assessment tool:
- A. Nmap
- B. Wireshark
- C. Nessus
- D. CRAMM
Correct answer: D
Question 99
An organization named Sam Morison Inc. decided to use cloud-based services to reduce the cost of their maintenance. They first identified various risks and threats associated with cloud service adoption and migrating critical business data to third party systems. Hence, the organization decided to deploy cloud-based security tools to prevent upcoming threats.
Which of the following tools would help the organization to secure cloud resources and services?
- A. Wireshark
- B. Nmap
- C. Alert Logic
- D. Burp Suite
Correct answer: C
Question 100
Ikeo Corp. has hired an incident response team to assess the enterprise security. As a part of the incident handling and response process, the IR team is reviewing the current security policies implemented by the enterprise. The IR team finds out that employees of the organization do not have any restrictions on Internet access, which means that they are allowed to visit any site, download any application, and access a computer or a network from a remote location. Considering this as a main security threat, the IR team plans to change this policy as it can be easily exploited by the attackers. Identify the security policy that the IR team is planning to modify.
- A. Prudent policy
- B. Promiscuous policy
- C. Paranoid policy
- D. Permissive policy
Correct answer: B
Question 101
Dash wants to perform a DoS attack over 256 target URLs simultaneously.
Which of the following tools can Dash employ to achieve his objective?
- A. HOIC
- B. OpenVAS
- C. IDA Pro
- D. OllyDbg
Correct answer: A
Question 102
A security policy will take the form of a document or a collection of documents, depending on the situation or usage. It can become a point of reference in case a violation occurs that results in dismissal or other penalty. Which of the following is NOT true for a good security policy?
- A. It must clearly define the areas of responsibilities of the users, administrators and management
- B. It must be approved by court of law after verifications of the stated terms and facts
- C. It must be implemented through system administration procedures, publishing of acceptable use guidelines or other appropriate methods
- D. It must be enforceable with security tools where appropriate and with sanctions where actual prevention is not technically feasible
Correct answer: B
Question 103
Except for some common roles, the roles in an IRT are distinct for every organization. Which among the following is the role played by the Incident Coordinator of an IRT?
- A. Applies the appropriate technology and tries to eradicate and recover from the incident
- B. Focuses on the incident and handles it from management and technical point of view
- C. Links the appropriate technology to the incident to ensure that the foundation's offices are returned to normal operations as quickly as possible
- D. Links the groups that are affected by the incidents, such as legal, human resources, different business areas and management
Correct answer: D
Question 104
Which of the following can be considered synonymous:
- A. Precaution and countermeasure
- B. Vulnerability and Danger
- C. Hazard and Threat
- D. Threat and Threat Agent
Correct answer: C
Question 105
Tibson works as an incident responder for an MNC based in Singapore. He is investigating a web application security incident recently faced by the company. The attack is performed on an MSSQL Server hosted by the company. In the detection and analysis phase, he used regular expressions to analyze and detect SQL meta-characters that led to the SQL injection attack. Identify the regular expression used by Tibson to detect the SQL injection attack on MSSQL Server.
- A. /exec(\s|\+)+(s|x)p\w+/ix
- B. ((\%3C) <) (\%2F) /) *(script) (\%3E) >)
- C. ((\A.W)(\.A.V))
- D. ((\.1%2E)\.1%2E)(V%2FN|%5C))
Correct answer: A
Question 106
Which of the following is the ECIH phase that involves removing or eliminating the root cause of an incident and closing all attack vectors to prevent similar incidents in the future?
- A. Recovery
- B. Vulnerability management phase
- C. Containment
- D. Eradication
Correct answer: D
Question 107
A living high level document that states in writing a requirement and directions on how an agency plans to protect its information technology assets is called:
- A. Information security Standard
- B. Information security Baseline
- C. Information security Policy
- D. Information security Procedure
Correct answer: C
Question 108
Francis received a spoof email asking for his bank information. He decided to use a tool to analyze the email headers.
Which of the following should he use?
- A. PoliteMail
- B. MxToolbox
- C. Email Checker
- D. EventLog Analyzer
Correct answer: B
Question 109
You are a systems administrator for a company. You are accessing your file server remotely for maintenance. Suddenly, you are unable to access the server. After contacting others in your department, you find out that they cannot access the file server either. You can ping the file server but not connect to it via RD. You check the Active Directory Server, and all is well. You check the email server and find that emails are sent and received normally.
What is the most likely issue?
- A. An email service issue
- B. A denial-of-service issue
- C. The file server has shut down
- D. An admin account issue
Correct answer: B
Question 110
If the loss anticipated is greater than the agreed-upon threshold, the organization will:
- A. Do nothing
- B. Accept the risk but after management approval
- C. Mitigate the risk
- D. Accept the risk
Correct answer: C
Question 111
Patrick is doing a cyber forensic investigation. He is in the process of collecting physical evidence at the crime scene.
Which of the following elements must he consider while collecting physical evidence?
- A. Open ports, services, and operating system (OS) vulnerabilities
- B. DNS information including domain and subdomains
- C. Published nameservers and web application source code
- D. Removable media, cable, and publications
Correct answer: D
Question 112
XYZ Inc. was affected by a malware attack and James, being the incident handling and response (IH&R) team personnel handling the incident, found out that the root cause of the incident is a backdoor that has bypassed the security perimeter due to an existing vulnerability in the deployed firewall. James had contained the spread of the infection and removed the malware completely. Now the organization asked him to perform an incident impact assessment to identify the impact of the incident over the organization and he was also asked to prepare a detailed report of the incident.
Which of the following stages in IH&R process is James working on?
- A. Notification
- B. Post-incident activities
- C. Evidence gathering and forensics analysis
- D. Eradication
Correct answer: B
Question 113
The insider risk matrix consists of technical literacy and business process knowledge vectors. Considering the matrix, one can conclude that:
- A. If the insider's technical literacy is low and process knowledge is high, the risk posed by the threat will be insignificant.
- B. If the insider's technical literacy and process knowledge are high, the risk posed by the threat will be insignificant.
- C. If the insider's technical literacy and process knowledge are high, the risk posed by the threat will be high.
- D. If the insider's technical literacy is high and process knowledge is low, the risk posed by the threat will be high.
Correct answer: C
Question 114
Frederick is in the eradication process in one of the incidents he is handling.
Which of the following is NOT an eradication process?
- A. Analyze the security model of the cloud provider interface.
- B. Conduct vulnerability scanning and configuration audits.
- C. CCs must train a few of their employees to use the cloud securely.
- D. Monitor the client's traffic for any malicious activities.
Correct answer: C
Question 115
To effectively describe security incidents, it is necessary to adopt a common set of terminology and to categorize the incidents.
According to ECIH text, in which category would you place an incident that involves illegal file download by a suspected or unknown user?
- A. Ultra High Level
- B. High level
- C. Low Level
- D. Middle level
Correct answer: B
Question 116
CERT members can provide critical support services to first responders such as:
- A. Consolidated automated service process management platform
- B. A + C
- C. Immediate assistance to victims
- D. Organizing spontaneous volunteers at a disaster site
Correct answer: B
Question 117
Chandler is a professional hacker who is targeting an organization called Technote. He wants to obtain important organizational information that is being transmitted between different hierarchies. In the process, he is sniffing the data packets transmitted through the network and then analyzing them to gather packet details such as network, ports, protocols, devices, issues in network transmission, and other network specifications.
Which of the following tools would Chandler employ to perform packet analysis?
- A. Sharp
- B. IDA Pro
- C. OmniPeek
- D. BeEF
Correct answer: C
Question 118
Which of the following is defined as the identification of the boundaries of an IT system along with the resources and information that constitute the system?
- A. System characterization
- B. Vulnerability identification
- C. Threat identification
- D. Control analysis
Correct answer: A
Question 119
One of the goals of CSIRT is to manage security problems by taking a certain approach towards the customers' security vulnerabilities and by responding effectively to potential information security incidents. Identify the incident response approach that focuses on developing the infrastructure and security processes before the occurrence or detection of an event or any incident:
- A. Proactive approach
- B. Introductive approach
- C. Interactive approach
- D. Qualitative approach
Correct answer: A
Question 120
If a hacker cannot find any other way to attack an organization, they can influence an employee or a disgruntled staff member.
What type of threat is this?
- A. Insider attack
- B. Identity theft
- C. Phishing attack
- D. Footprinting
Correct answer: A
Question 121
Ren is assigned to handle a security incident of an organization. He is tasked with forensics investigation to find the evidence needed by the management.
Which of the following steps falls under the investigation phase of the computer forensics investigation process?
- A. Evidence assessment
- B. Secure the evidence
- C. Set up a computer forensics lab
- D. Risk assessment
Correct answer: B