[2022年01月] 最新のECIH Certification 212-89試験解答豪華セット問題集 [Q76-Q100]

Share

[2022年01月] 最新のECIH Certification 212-89試験解答豪華セット問題集

EC-COUNCILコンテンツをマスターして212-89試験合格保証つき問題集!

質問 76
A methodical series of techniques and procedures for gathering evidence, from computing equipment and various storage devices and digital media, that can be presented in a court of law in a coherent and meaningful format is called:

  • A. Computer Forensics
  • B. Forensic Analysis
  • C. Forensic Readiness
  • D. Steganalysis

正解: A

 

質問 77
The flow chart gives a view of different roles played by the different personnel of CSIRT. Identify the incident response personnel denoted by A, B, C, D, E, F and G.

  • A. A- Incident Coordinator, B- Constituency, C-Administrator, D-Incident Manager, E- Human Resource, F-Incident Analyst, G-Public relations
  • B. A- Incident Coordinator, B-Incident Analyst, C- Public Relations, D-Administrator, E- Human Resource, F-Constituency, G-Incident Manager
  • C. A- Incident Manager, B-Incident Analyst, C- Public Relations, D-Administrator, E- Human Resource, F-Constituency, G-Incident Coordinator
  • D. A-Incident Analyst, B- Incident Coordinator, C- Public Relations, D-Administrator, E- Human Resource, F-Constituency, G-Incident Manager

正解: A

 

質問 78
The message that is received and requires an urgent action and it prompts the recipient to delete certain files or forward it to others is called:

  • A. A Virus Hoax
  • B. An Adware
  • C. Mail bomb
  • D. Spear Phishing

正解: A

 

質問 79
Common name(s) for CSIRT is(are)

  • A. Incident Handling Team (IHT)
  • B. Incident Response Team (IRT)
  • C. All the above
  • D. Security Incident Response Team (SIRT)

正解: C

 

質問 80
The most common type(s) of intellectual property is(are):

  • A. Copyrights and Trademarks
  • B. Patents
  • C. Industrial design rights & Trade secrets
  • D. All the above

正解: D

 

質問 81
Which policy recommends controls for securing and tracking organizational resources:

  • A. Administrative security policy
  • B. Asset control policy
  • C. Access control policy
  • D. Acceptable use policy

正解: B

 

質問 82
The program that helps to train people to be better prepared to respond to emergency situations in their communities is known as:

  • A. Incident Response Team (IRT)
  • B. Community Emergency Response Team (CERT)
  • C. All the above
  • D. Security Incident Response Team (SIRT)

正解: B

 

質問 83
One of the main objectives of incident management is to prevent incidents and attacks by tightening the physical security of the system or infrastructure. According to CERT's incident management process, which stage focuses on implementing infrastructure improvements resulting from postmortem reviews or other process improvement mechanisms?

  • A. Preparation
  • B. Protection
  • C. Detection
  • D. Triage

正解: B

 

質問 84
Incident management team provides support to all users in the organization that are affected by the threat or attack. The organization's internal auditor is part of the incident response team. Identify one of the responsibilities of the internal auditor as part of the incident response team:

  • A. Perform necessary action to block the network traffic from suspected intruder
  • B. Configure information security controls
  • C. Identify and report security loopholes to the management for necessary actions
  • D. Coordinate incident containment activities with the information security officer

正解: C

 

質問 85
A threat source does not present a risk if NO vulnerability that can be exercised for a particular threat source.
Identify the step in which different threat sources are defined:

  • A. Threat identification
  • B. System characterization
  • C. Identification Vulnerabilities
  • D. Control analysis

正解: A

 

質問 86
Which of the following is a correct statement about incident management, handling and response:

  • A. Triage is one of the services provided by incident response
  • B. Incident response is one of the services provided by triage
  • C. Incident response is on the functions provided by incident handling
  • D. Incident handling is on the functions provided by incident response

正解: C

 

質問 87
The role that applies appropriate technology and tries to eradicate and recover from the incident is known as:

  • A. Incident Handler
  • B. Incident Analyst
  • C. Incident coordinator
  • D. Incident Manager

正解: B

 

質問 88
A Host is infected by worms that propagates through a vulnerable service; the sign(s) of the presence of the
worm include:

  • A. Decrease in network usage
  • B. Established connection attempts targeted at the vulnerable services
  • C. System becomes instable or crashes
  • D. All the above

正解: C

 

質問 89
Which of the following is a risk assessment tool:

  • A. Wireshark
  • B. Nmap
  • C. Nessus
  • D. CRAMM

正解: D

 

質問 90
One of the goals of CSIRT is to manage security problems by taking a certain approach towards the
customers' security vulnerabilities and by responding effectively to potential information security incidents.
Identify the incident response approach that focuses on developing the infrastructure and security processes
before the occurrence or detection of an event or any incident:

  • A. Proactive approach
  • B. Interactive approach
  • C. Introductive approach
  • D. Qualitative approach

正解: A

 

質問 91
The correct order or sequence of the Computer Forensic processes is:

  • A. Preparation, examination, collection, analysis, and reporting
  • B. Preparation, collection, examination, analysis, and reporting
  • C. Preparation, analysis, examination, collection, and reporting
  • D. Preparation, analysis, collection, examination, and reporting

正解: B

 

質問 92
Risk is defined as the probability of the occurrence of an incident. Risk formulation generally begins with the likeliness of an event's occurrence, the harm it may cause and is usually denoted as Risk = ∑(events)X(Probability of occurrence)X?

  • A. Magnitude
  • B. Significance
  • C. Consequences
  • D. Probability

正解: A

 

質問 93
What is the best staffing model for an incident response team if current employees' expertise is very low?

  • A. Fully insourced
  • B. Partially outsourced
  • C. Fully outsourced
  • D. All the above

正解: C

解説:
Explanation/Reference:

 

質問 94
In a qualitative risk analysis, risk is calculated in terms of:

  • A. (Countermeasures + Magnitude of Impact) - (Reports from prior risk assessments)
  • B. Probability of Loss X Loss
  • C. (Attack Success + Criticality ) -(Countermeasures)
  • D. Asset criticality assessment - (Risks and Associated Risk Levels)

正解: B

 

質問 95
Business continuity is defined as the ability of an organization to continue to function even after a disastrous
event, accomplished through the deployment of redundant hardware and software, the use of fault tolerant
systems, as well as a solid backup and recovery strategy. Identify the plan which is mandatory part of a
business continuity plan?

  • A. Business Recovery Plan
  • B. Forensics Procedure Plan
  • C. Sales and Marketing plan
  • D. New business strategy plan

正解: A

 

質問 96
Which is the incorrect statement about Anti-keyloggers scanners:

  • A. Software tools
  • B. Detect already installed Keyloggers in victim machines
  • C. Run in stealthy mode to record victims online activity

正解: C

 

質問 97
The very well-known free open source port, OS and service scanner and network discovery utility is called:

  • A. Wireshark
  • B. Nmap (Network Mapper)
  • C. SAINT
  • D. Snort

正解: B

 

質問 98
An audit trail policy collects all audit trails such as series of records of computer events, about an operating
system, application or user activities. Which of the following statements is NOT true for an audit trail policy:

  • A. It helps in reconstructing the events after a problem has occurred
  • B. It helps calculating intangible losses to the organization due to incident
  • C. It helps tracking individual actions and allows users to be personally accountable for their actions
  • D. It helps in compliance to various regulatory laws, rules,and guidelines

正解: B

 

質問 99
Quantitative risk is the numerical determination of the probability of an adverse event and the extent of the
losses due to the event. Quantitative risk is calculated as:

  • A. (Probability of Loss) / (Loss)
  • B. (Probability of Loss) X (Loss)
  • C. (Loss) / (Probability of Loss)
  • D. Significant Risks X Probability of Loss X Loss

正解: B

 

質問 100
......


EC-COUNCIL 212-89 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • 電子メールセキュリティインシデントの処理と対応
トピック 2
  • インサイダーの脅威への対応と対応
  • フォレンジックの準備と最初の対応
トピック 3
  • Webアプリケーションのセキュリティインシデントの処理と対応
  • インシデントの処理と対応の概要
トピック 4
  • クラウドセキュリティインシデントの処理と対応
  • インシデントの処理と対応プロセス
トピック 5
  • ネットワークセキュリティインシデントの処理と対応
  • マルウェアインシデントの処理と対応

 

あなたを合格させるEC-COUNCIL 212-89試験専門問題集はここにある:https://jp.fast2test.com/212-89-premium-file.html

最新ECIH Certification 212-89練習テストに最速準備問題をゲットせよ:https://drive.google.com/open?id=1pH6-n3x7IecpenKHfIgnVxPpqBLMvjoI


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어