[December 2023] Free 212-89 Question Set Samples, Questions and Practice Test Engine Using Real Exam Questions [Q98-Q121]

EC-COUNCIL 212-89 exam questions to help you pass, with a test engine and PDF

Question # 98
In which of the steps of NIST's risk assessment methodology are the boundary of the IT system, along with the resources and the information that constitute the system, identified?

  • A. System characterization
  • B. Likelihood Determination
  • C. Control recommendation
  • D. Control analysis

Correct answer: A


Question # 99
Khai was tasked with examining the logs from a Linux email server. The server uses Sendmail to execute the command to send emails and Syslog to maintain logs.
To validate the data within email headers, which of the following directories should Khai check for information such as source and destination IP addresses, dates, and timestamps?

  • A. /var/log/mailog
  • B. /var/log/sendmail
  • C. /var/log/mailog
  • D. /var/log/sendmail/mailog

Correct answer: C


Question # 100
The leftover risk after implementing a control is called:

  • A. Unaccepted risk
  • B. Low risk
  • C. Residual risk
  • D. Critical risk

Correct answer: C


Question # 101
Which of the following is NOT an image integrity tool?

  • A. HashCalc
  • B. HashMyFiles
  • C. Netstat
  • D. MD5 Calculator

Correct answer: C


Question # 102
One of the goals of CSIRT is to manage security problems by taking a certain approach towards the customers' security vulnerabilities and by responding effectively to potential information security incidents. Identify the incident response approach that focuses on developing the infrastructure and security processes before the occurrence or detection of an event or any incident:

  • A. Interactive approach
  • B. Proactive approach
  • C. Qualitative approach
  • D. Introductive approach

Correct answer: B


Question # 103
John is performing a memory dump analysis in order to find traces of malware. He has employed the Volatility tool in order to achieve his objective.
Which of the following Volatility Framework commands will he use in order to analyze the running processes from the memory dump?

  • A. python vol.py imageinfo -f /root/Desktop/memdump.mem
  • B. python vol.py hivelist --profile=Win2008SP1x86 -f /root/Desktop/memdump.mem
  • C. python vol.py pslist --profile=Win2008SP1x86 -f /root/Desktop/memdump.mem
  • D. python vol.py svcscan --profile=Win2008SP1x86 -f /root/Desktop/memdump.mem | more

Correct answer: C


Question # 104
Which of the following is a volatile evidence collecting tool?

  • A. Netstat
  • B. FTK Imager
  • C. ProDiscover Forensics
  • D. Hash Tool

Correct answer: A


Question # 105
Eve is an incident handler in ABC organization. One day, she got a complaint about an email hacking incident from one of the employees of the organization. As part of the incident handling and response process, she must follow a number of recovery steps in order to recover from the incident impact and maintain business continuity.
What is the first step that she must take to secure the employee's account?

  • A. Disabling automatic filesharing between the systems
  • B. Enable two-factor authentication
  • C. Restore the email services and change the password
  • D. Enable scanning of links and attachments in all the emails

Correct answer: C


Question # 106
Rose is an incident handler and is responsible for detecting and eliminating any kind of scanning attempts over the network by malicious threat actors. Rose uses Wireshark to sniff the network and detect any malicious activities going on.
Which of the following Wireshark filters can she use to detect a TCP Xmas scan attempt by the attacker?

  • A. tcp.flags==0x000
  • B. tcp.flags.reset==1
  • C. tcp.flags==0x029
  • D. tcp.dstport==7

Correct answer: C


Question # 107
Stanley is an incident handler working for TexaCorp., a United States-based organization. With the growing concern of increasing emails from outside the organization, Stanley was asked to take appropriate actions to keep the security of the organization intact. In the process of detecting and containing malicious emails, Stanley was asked to check the validity of the emails received by employees. Identify the tool Stanley can use to accomplish this task.

  • A. Event Log Analyzer
  • B. Email Dossier
  • C. Polite Mail
  • D. Point of Mail

Correct answer: D


Question # 108
The USB tool (depicted below) that is connected to a male USB keyboard cable and not detected by anti-spyware tools is most likely called:

  • A. Hardware Keylogger
  • B. Software Key Grabber
  • C. USB adapter
  • D. Anti-Keylogger

Correct answer: A


Question # 109
An audit trail policy collects all audit trails, such as a series of records of computer events about an operating system, application or user activities. Which of the following statements is NOT true for an audit trail policy:

  • A. It helps in calculating intangible losses to the organization due to an incident
  • B. It helps in compliance with various regulatory laws, rules, and guidelines
  • C. It helps in tracking individual actions and allows users to be personally accountable for their actions
  • D. It helps in reconstructing the events after a problem has occurred

Correct answer: A


Question # 110
Preventing the incident from spreading and limiting the scope of the incident is known as:

  • A. Incident Classification
  • B. Incident Containment
  • C. Incident Eradication
  • D. Incident Protection

Correct answer: B


Question # 111
A self-replicating virus does not alter files but resides in active memory and duplicates itself. It takes advantage of file or information transport features on the system to travel independently.
What is this type of object called?

  • A. Worm
  • B. Trojan
  • C. Spyware
  • D. Adware

Correct answer: A


Question # 112
ZYX company experienced a DoS/DDoS attack on their network. Upon investigating the incident, they concluded that the attack is an application-layer attack.
Which of the following attacks did the attacker use?

  • A. UDP flood attack
  • B. Slowloris attack
  • C. SYN flood attack
  • D. Ping of death

Correct answer: B


Question # 113
A threat source does not present a risk if there is NO vulnerability that can be exercised for a particular threat source. Identify the step in which different threat sources are defined:

  • A. Identification Vulnerabilities
  • B. Threat identification
  • C. System characterization
  • D. Control analysis

Correct answer: B


Question # 114
Computer forensics is a methodical series of techniques and procedures for gathering evidence from computing equipment, various storage devices and/or digital media that can be presented in a court of law in a coherent and meaningful format. Which one of the following is an appropriate flow of steps in the computer forensics process:

  • A. Preparation > Analysis > Collection > Examination > Reporting
  • B. Preparation > Collection > Examination > Analysis > Reporting
  • C. Examination > Analysis > Preparation > Collection > Reporting
  • D. Analysis > Preparation > Collection > Reporting > Examination

Correct answer: B


Question # 115
In which of the following stages of the incident handling and response (IH&R) process do the incident handlers try to find the root cause of the incident along with the threat actors behind the incidents, threat vectors, etc.?

  • A. Evidence gathering and forensics analysis
  • B. Incident recording and assignment
  • C. Incident triage
  • D. Post-incident activities

Correct answer: A


Question # 116
The type of attack that prevents authorized users from accessing networks, systems, or applications by exhausting the network resources and sending illegal requests to an application is known as:

  • A. Session Hijacking attack
  • B. Man in the Middle attack
  • C. SQL injection attack
  • D. Denial of Service attack

Correct answer: D


Question # 117
Sam, an employee of a multinational company, sends emails to third-party organizations with a spoofed email address of his organization.
How can you categorize this type of incident?

  • A. Network intrusion incident
  • B. Unauthorized access incident
  • C. Denial-of-service incident
  • D. Inappropriate usage incident

Correct answer: D


Question # 118
The process of rebuilding and restoring the computer systems affected by an incident to the normal operational stage, including all the processes, policies and tools, is known as:

  • A. Incident Response
  • B. Incident Management
  • C. Incident Recovery
  • D. Incident Handling

Correct answer: C


Question # 119
Francis is an incident handler and security expert. He works at Morison Tech Solutions based in Sydney, Australia. He was assigned a task to detect phishing/spam mails for the client organization.
Which of the following tools can assist Francis to perform the required task?

  • A. Netcraft
  • B. Nessus
  • C. Cain and Abel
  • D. BT Crack

Correct answer: A


Question # 120
Which of the following DOES NOT expose a cloud application to hacking?

  • A. Lack of experience in manipulating cloud systems
  • B. Configuration error
  • C. Inappropriate technical issue
  • D. Contract with a cloud service vendor

Correct answer: D


Question # 121
......

Pass the 212-89 exam easily with the real 212-89 practice question set, updated December 31, 2023: https://www.goshiken.com/EC-COUNCIL/212-89-mondaishu.html
