EC-COUNCIL 212-89試験問題集にはPDF問題とテストエンジンを試せ! [Q21-Q45]

Share

EC-COUNCIL 212-89試験問題集にはPDF問題とテストエンジンを試せ!

最新212-89試験問題集には合格保証付きます


ECIH v2試験に備えて、受験者は、学習ガイド、練習問題、トレーニングコースなど、さまざまなリソースを活用することができます。EC-Councilは、試験のすべてのトピックをカバーし、インシデント対応ツールと技術の実践的な経験を提供する包括的なトレーニングプログラムを提供しています。ECIH v2試験の合格は、インシデントハンドリングと対応のキャリアを進めたいITプロフェッショナルにとって貴重な資格であり、世界的に雇用主に認められた業界の優秀性の証明とされています。

 

質問 # 21
A security policy will take the form of a document or a collection of documents, depending on the situation or
usage. It can become a point of reference in case a violation occurs that results in dismissal or other penalty.
Which of the following is NOT true for a good security policy?

  • A. It must be enforceable with security tools where appropriate and with sanctions where actual prevention is
    not technically feasible
  • B. It must clearly define the areas of responsibilities of the users, administrators and management
  • C. It must be approved by court of law after verifications of the stated terms and facts
  • D. It must be implemented through system administration procedures, publishing of acceptable use guide lines
    or other appropriate methods

正解:C


質問 # 22
Eric works as an incident handler at Erinol software systems. He was assigned a task to protect the organization from any kind of DoS/DDoS attacks.
Which of the following tools can be used by Eric to achieve his objective?

  • A. IDA
  • B. Hydra
  • C. Wire shark
  • D. Incapsula

正解:D


質問 # 23
Incident handling and response steps help you to detect, identify, respond and manage an incident. Which of the following helps in recognizing and separating the infected hosts from the information system?

  • A. Browsing particular government websites
  • B. Inspecting the process running on the system
  • C. Sending mails to only group of friends
  • D. Configuring firewall to default settings

正解:B


質問 # 24
The role that applies appropriate technology and tries to eradicate and recover from the incident is known as:

  • A. Incident Manager
  • B. Incident coordinator
  • C. Incident Handler
  • D. Incident Analyst

正解:D


質問 # 25
Introduction of malicious programs on to the device connected to the campus network (Trojan Horse, email bombs, virus, etc.) is called?

  • A. Network Access
  • B. Authorize Access
  • C. Un authorize Access
  • D. Inappropriate Usage

正解:A


質問 # 26
Which of the following options describes common characteristics of phishing emails?

  • A. Written in French
  • B. Urgency, threatening, or promising subject lines
  • C. No BCC fields
  • D. Sent from friends or colleagues

正解:B


質問 # 27
The network perimeter should be configured in such a way that it denies all incoming and outgoing traffic/ services that are not required. Which service listed below, if blocked, can help in preventing Denial of Service attack?

  • A. SMTP service
  • B. Echo service
  • C. POP3 service
  • D. SAM service

正解:B


質問 # 28
The free, open source, TCP/IP protocol analyzer, sniffer and packet capturing utility standard across many industries and educational institutions is known as:

  • A. Cain & Able
  • B. Wireshark
  • C. Snort
  • D. nmap

正解:B


質問 # 29
Which of the following is a risk assessment tool:

  • A. CRAMM
  • B. Nmap
  • C. Wireshark
  • D. Nessus

正解:A


質問 # 30
The very well-known free open source port, OS and service scanner and network discovery utility is called:

  • A. Wireshark
  • B. Snort
  • C. SAINT
  • D. Nmap (Network Mapper)

正解:D


質問 # 31
The free, open source, TCP/IP protocol analyzer, sniffer and packet capturing utility standard across many
industries and educational institutions is known as:

  • A. Cain & Able
  • B. Wireshark
  • C. Snort
  • D. nmap

正解:B


質問 # 32
The open source TCP/IP network intrusion prevention and detection system (IDS/IPS), uses a rule-driven language, performs real-time traffic analysis and packet logging is known as:

  • A. Wireshark
  • B. Snort
  • C. Nessus
  • D. SAINT

正解:B


質問 # 33
Business continuity is defined as the ability of an organization to continue to function even after a disastrous
event, accomplished through the deployment of redundant hardware and software, the use of fault tolerant
systems, as well as a solid backup and recovery strategy. Identify the plan which is mandatory part of a
business continuity plan?

  • A. Business Recovery Plan
  • B. New business strategy plan
  • C. Sales and Marketing plan
  • D. Forensics Procedure Plan

正解:A


質問 # 34
The sign of incident that may happen in the future is called:

  • A. A Precursor
  • B. A Reactive
  • C. An Indication
  • D. A Proactive

正解:A


質問 # 35
Which of the following techniques prevent or mislead incident-handling processes and may also affect the collection, preservation, and identification phases of the forensic investigation process?

  • A. Anti-forensics
  • B. Enumeration
  • C. Foot printing
  • D. Scanning

正解:A


質問 # 36
A computer forensic investigator must perform a proper investigation to protect digital evidence. During the
investigation, an investigator needs to process large amounts of data using a combination of automated and
manual methods. Identify the computer forensic process involved:

  • A. Analysis
  • B. Preparation
  • C. Examination
  • D. Collection

正解:C


質問 # 37
Ikeo Corp.hired an incident response team to assess the enterprise security. As part of the incident handling and response process, the IR team is reviewing the current se cunty policies implemented by the enterprise. The IR team finds that employees of the organization do not have any restrictions on Internet access: they are allowed to visit any site, download any appl cation, and access a computer or network from a remote location. Considering this as the main security threat, the IR team plans to change this policy as it can be easily exploited by attackers.
Which of the following security policies is the IR team planning to modify?

  • A. Paranoid policy
  • B. Promiscuous policy
  • C. Prudent policy
  • D. Permissive policy

正解:B


質問 # 38
Incident handling and response steps help you to detect, identify, respond and manage an incident. Which of the following steps focus on limiting the scope and extent of an incident?

  • A. Data collection
  • B. Eradication
  • C. Identification
  • D. Containment

正解:D


質問 # 39
An organization's customers are experiencing either slower network communication or unavailability of services. In addition, network administrators are receiving alerts from security tools such as IDS/IPS and firewalls about a possible DoS/DDoS attack. In result, the organization requests the incident handling and response (IH&R) team further investigates the incident. The IH&R team decides to use manual techniques to detect DoS/DDoS attack.
Which of the following commands helps the IH&R team to manually detect DoS/DDoS attack?

  • A. nbtstat /S
  • B. netstat -r
  • C. nbtstat /c
  • D. netstat -an

正解:D


質問 # 40
An organization named Sam Morison Inc. decided to use cloud-based services to reduce the cost of their maintenance. They first identified various risks and threats associated with cloud service adoption and migrating critical business data to third party systems. Hence, the organization decided to deploy cloud-based security tools to prevent upcoming threats.
Which of the following tools would help the organization to secure cloud resources and services?

  • A. Nmap
  • B. Burp Suite
  • C. Alert Logic
  • D. Wire shark

正解:C


質問 # 41
The flow chart gives a view of different roles played by the different personnel of CSIRT. Identify the incident response personnel denoted by A, B, C, D, E, F and G.

  • A. A-Incident Analyst, B- Incident Coordinator, C- Public Relations, D-Administrator, E- Human Resource, F-Constituency, G-Incident Manager
  • B. A- Incident Coordinator, B- Constituency, C-Administrator, D-Incident Manager, E- Human Resource, F-Incident Analyst, G-Public relations
  • C. A- Incident Coordinator, B-Incident Analyst, C- Public Relations, D-Administrator, E- Human Resource, F-Constituency, G-Incident Manager
  • D. A- Incident Manager, B-Incident Analyst, C- Public Relations, D-Administrator, E- Human Resource, F-Constituency, G-Incident Coordinator

正解:B


質問 # 42
Incident management team provides support to all users in the organization that are affected by the threat or
attack. The organization's internal auditor is part of the incident response team. Identify one of the
responsibilities of the internal auditor as part of the incident response team:

  • A. Identify and report security loopholes to the management for necessary actions
  • B. Coordinate incident containment activities with the information security officer
  • C. Perform necessary action to block the network traffic from suspected intruder
  • D. Configure information security controls

正解:A


質問 # 43
Computer forensics is methodical series of techniques and procedures for gathering evidence from computing equipment, various storage devices and or digital media that can be presented in a course of law in a coherent and meaningful format. Which one of the following is an appropriate flow of steps in the computer forensics process:

  • A. Preparation > Collection > Examination > Analysis > Reporting
  • B. Analysis > Preparation > Collection > Reporting > Examination
  • C. Examination> Analysis > Preparation > Collection > Reporting
  • D. Preparation > Analysis > Collection > Examination > Reporting

正解:A


質問 # 44
Investigator lan gives you a drive image to investigate.
What type of analysis are you performing?

  • A. Dynamic
  • B. Real-time
  • C. Static
  • D. Live

正解:C


質問 # 45
......


ECIH V2認定は、セキュリティアナリスト、ネットワークセキュリティ管理者、インシデント対応チームメンバーなど、セキュリティインシデントの管理と対応を担当する専門家に最適です。この認定は、インシデントの取り扱いと対応のスキルと知識を向上させたい個人にも適しています。サイバーの脅威とセキュリティ侵害の有病率が高まっているため、ECIH V2認証を伴うインシデント処理専門家の需要が増加しています。


ECIH認定プログラムは、インシデントの処理と対応、コンピューターフォレンジック、インシデントの報告、インシデントの回復などのトピックをカバーしています。この試験は、個人がセキュリティインシデントを効果的に特定、分析、対応できる能力をテストするよう設計されています。ECIH認定プログラムは、セキュリティインシデントの処理と対応の知識やスキルを向上させたいITプロフェッショナルに最適です。この認定は、サイバーセキュリティのキャリアを追求したい個人にとっても有益であり、この分野の高度な認定のための強固な基盤を提供します。

 

信頼できるECIH Certification 212-89問題集PDFには2023年11月07日更新された問題です:https://jp.fast2test.com/212-89-premium-file.html

必ず合格できるEC-COUNCIL 212-89試験正確な205問題と解答あります:https://drive.google.com/open?id=1IsHE5Z0fnBURKsBini6BJ2FYl3qnbhUx


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어