[完全版]2023年最新のFast2test 212-89のPDFで最近更新された問題です [Q90-Q109]

Share

[完全版]2023年最新のFast2test 212-89のPDFで最近更新された問題です

212-89試験には保証が付きます。更新されたのは205問があります

質問 # 90
To whom should an information security incident be reported?

  • A. Human resources and Legal Department
  • B. Chief Information Security Officer
  • C. It should not be reported at all and it is better to resolve it internally
  • D. It should be reported according to the incident reporting & handling policy

正解:D


質問 # 91
Which policy recommends controls for securing and tracking organizational resources:

  • A. Administrative security policy
  • B. Asset control policy
  • C. Acceptable use policy
  • D. Access control policy

正解:B

解説:
Explanation/Reference:


質問 # 92
Which of the following is a term that describes the combination of strategies and services intended to restore data, applications, and other resources to the public cloud or dedicated service providers?

  • A. Eradication
  • B. Cloud recovery
  • C. Analysis
  • D. Mitigation

正解:B


質問 # 93
lkeo Corp. has hired an incident response team to assess the enterprise security. As a part of the incident handing and response process, the IR team is reviewing the current security policies implemented by the enterprise. The IR team finds out that employees of the organization do not have any restrictions on Internet access, which means that they are allowed to visit any site, download any application, and access a computer or a network from a remote location. Considering this as a main security threat, the IR team plans to change this policy as it can be easily exploited by the attackers. Identify the security policy that the IR team is planning to modify.

  • A. Paranoid policy
  • B. Promiscuous pol cy
  • C. Prudent policy
  • D. Permissive policy

正解:B


質問 # 94
The policy that defines which set of events needs to be logged in order to capture and review the important
data in a timely manner is known as:

  • A. Logging policy
  • B. Audit trail policy
  • C. Documentation policy
  • D. Evidence Collection policy

正解:A


質問 # 95
Racheal is an incident handler working at an organization called Inception Tech. Recently, numerous employees have been complaining about receiving emails from unknown senders. In order to prevent employees from spoof ng emails and keeping security in mind, Racheal was asked to take appropriate actions in this matter. As a part of her assignment, she needs to analyze the email headers to check the authenticity of received emails.
Which of the following protocol/authentication standards she must check in email header to analyze the email authenticity?

  • A. POP
  • B. DKIM
  • C. ARP
  • D. SNMP

正解:B


質問 # 96
An organization named Sam Morison Inc. decided to use cloud-based services to reduce the cost of their maintenance. They first identified various risks and threats associated with cloud service adoption and migrating critical business data to third party systems. Hence, the organization decided to deploy cloud-based security tools to prevent upcoming threats.
Which of the following tools would help the organization to secure cloud resources and services?

  • A. Wire shark
  • B. Nmap
  • C. Burp Suite
  • D. Alert Logic

正解:D


質問 # 97
Which stage of the incident response and handling process involves auditing the system and network log files?

  • A. Incident eradication
  • B. Containment
  • C. Incident disclosure
  • D. Incident triage

正解:D


質問 # 98
The network perimeter should be configured in such a way that it denies all incoming and outgoing traffic/
services that are not required. Which service listed below, if blocked, can help in preventing Denial of Service
attack?

  • A. SMTP service
  • B. POP3 service
  • C. SAM service
  • D. Echo service

正解:D


質問 # 99
Eric is an incident responder working on developing incident-handling plans and procedures. As part of this process, he is analyzing the organizational network to generate a report and develop policies based on the acquired results.
Which of the following tools will help him in analyzing his network and the related traffic?

  • A. Wireshark
  • B. FaceNiff
  • C. Whois
  • D. Burp Suite

正解:A


質問 # 100
Which of the following is NOT a digital forensic analysis tool:

  • A. Access Data FTK
  • B. EAR/ Pilar
  • C. Guidance Software EnCase Forensic
  • D. Helix

正解:B


質問 # 101
Which of the following is a risk assessment tool:

  • A. Wireshark
  • B. Nessus
  • C. CRAMM
  • D. Nmap

正解:C


質問 # 102
Which of the following is defined as the identification of the boundaries of an IT system along with the resources and information that constitute the system?

  • A. Vulnerability identification
  • B. Threat identification
  • C. System characterization
  • D. Control analysis

正解:C


質問 # 103
Which of the following techniques prevent or mislead incident-handling processes and may also affect the collection, preservation, and identification phases of the forensic investigation process?

  • A. Foot printing
  • B. Anti-forensics
  • C. Scanning
  • D. Enumeration

正解:B


質問 # 104
Which among the following CERTs is an Internet provider to higher education institutions and various other research institutions in the Netherlands and deals with all cases related to computer security incidents in which a customer is involved either as a victim or as a suspect?

  • A. DFN-CERT
  • B. NET-CERT
  • C. Funet CERT
  • D. SURFnet-CERT

正解:D


質問 # 105
CSIRT can be implemented at:

  • A. Vendor level
  • B. All the above
  • C. National, government and military level
  • D. Internal enterprise level

正解:B


質問 # 106
Which of the following risk mitigation strategies involves the execution of controls to reduce the risk factor and bring it to an acceptable level, or accepts the potential risk and continues operating the IT system?

  • A. Risk transference
  • B. Risk avoidance
  • C. Risk assumption
  • D. Risk planning

正解:C


質問 # 107
A US Federal agency network was the target of a DoS attack that prevented and impaired the normal authorized functionality of the networks. According to agency's reporting timeframe guidelines, this incident should be reported within two (2) HOURS of discovery/detection if the successful attack is still ongoing and the agency is unable to successfully mitigate the activity. Which incident category of the US Federal Agency does this incident belong to?

  • A. CAT 6
  • B. CAT 1
  • C. CAT 5
  • D. CAT 2

正解:D


質問 # 108
A malicious security-breaking code that is disguised as any useful program that installs an executable programs when a file is opened and allows others to control the victim's system is called:

  • A. RootKit
  • B. Virus
  • C. Trojan
  • D. Worm

正解:C


質問 # 109
......


ECIH v2試験は、インシデント対応、インシデント管理、脆弱性評価と管理、ネットワークセキュリティ、法的分析など、インシデント対応に関連する幅広いトピックをカバーしています。試験には、候補者がシミュレートされた環境で自分のスキルを練習できる実践的なラボも含まれています。この実践的なアプローチにより、候補者はインシデント対応の理論だけでなく、その知識を現実のシナリオに適用する必要なスキルも身につけることができます。

 

最新の212-89合格保証付き試験問題集の認定サンプル問題:https://jp.fast2test.com/212-89-premium-file.html

212-89更新された試験問題集で[2023年最新] 練習には有効な試験問題集:https://drive.google.com/open?id=1FHxOrD3-kdjxlb0X8szGI_uSMEU9LGO8


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어