2024 Free EC-COUNCIL 212-89 Exam Files Downloaded Instantly [Q72-Q91]


Pass EC-COUNCIL 212-89 exam Dumps 100 Pass Guarantee With Latest Demo

There are advantages to getting the EC-Council 212-89 certification:

  • ECIH-certified professionals will be confident and stand out from others, as their skills are more trained than those of non-certified professionals.

  • ECIH certification provides practical experience to candidates in all the aspects needed to be a proficient worker in the organization.

  • ECIH certification is distinguished among competitors. It can give candidates an edge when they appear for a job interview, where employers look for something that differentiates one individual from another.

  • ECIH-certified professionals have more useful and relevant networks that help them set career goals for themselves. These networks provide them with the right career direction, which non-certified professionals usually are unable to get.

 

QUESTION 72
A distributed Denial of Service (DDoS) attack is a more common type of DoS Attack, where a single system is targeted by a large number of infected machines over the Internet. In a DDoS attack, attackers first infect multiple systems which are known as:

 
 
 
 

QUESTION 73
A distributed Denial of Service (DDoS) attack is a more common type of DoS Attack, where a single system is targeted by a large number of infected machines over the Internet. In a DDoS attack, attackers first infect multiple systems which are known as:

 
 
 
 

QUESTION 74
Which of the following is a standard framework that provides recommendations for implementing information security controls for organizations that initiate, implement, or maintain information security management systems (ISMSs)?

 
 
 
 

QUESTION 75
Bob, an incident responder at CyberTech Solutions, is investigating a cybercrime attack that occurred in the client company. He acquired the evidence data, preserved it, and started performing analysis on the acquired evidentiary data to identify the source of the crime and the culprit behind the incident.
Identify the forensic investigation phase Bob is currently in.

 
 
 
 

QUESTION 76
Alex is an incident handler in QWERTY Company. He identified that an attacker created a backdoor inside the company’s network by installing a fake AP inside a firewall. Which of the following attack types did the attacker use?

 
 
 
 

QUESTION 77
Shiela is working at night as an incident handler. During a shift, servers were affected by a massive cyberattack. After she classified and prioritized the incident, she must report the incident, obtain necessary permissions, and perform other incident response functions. What list should she check to notify other responsible personnel?

 
 
 
 

QUESTION 78
Rose is an incident handler and is responsible for detecting and eliminating any kind of scanning attempts over the network by malicious threat actors. Rose uses Wireshark to sniff the network and detect any malicious activities going on.
Which of the following Wireshark filters can she use to detect a TCP Xmas scan attempt by the attacker?

 
 
 
 

QUESTION 79
Which of the following is a volatile evidence collecting tool?

 
 
 
 

QUESTION 80
You are talking to a colleague who is deciding what information they should include in their organization’s logs to help with security auditing. Which of the following items should you tell them to NOT log?

 
 
 
 

QUESTION 81
Nervous Nat often sends emails with screenshots of what he thinks are serious incidents, but they always turn out to be false positives. Today, he sends another screenshot, suspecting a nation-state attack. As usual, you go through your list of questions, check your resources for information to determine whether the screenshot shows a real attack, and determine the condition of your network.
Which step of IR did you just perform?

 
 
 
 

QUESTION 82
Which of the following incident recovery testing methods works by creating a mock disaster, like a fire, to identify the reaction of the procedures that are implemented to handle such situations?

 
 
 
 

QUESTION 83
Bob, an incident responder at CyberTech Solutions, is investigating a cybercrime attack that occurred in the client company. He acquired the evidence data, preserved it, and started performing analysis on the acquired evidentiary data to identify the source of the crime and the culprit behind the incident.
Identify the forensic investigation phase Bob is currently in.

 
 
 
 

QUESTION 84
A colleague wants to minimize their security responsibility because they are in a small organization. They are evaluating a new application that is offered in different forms. Which form would result in the least amount of responsibility for the colleague?

 
 
 
 

QUESTION 85
Which of the following are malicious software programs that infect computers and corrupt or delete the data on them?

 
 
 
 

QUESTION 86
Nervous Nat often sends emails with screenshots of what he thinks are serious incidents, but they always turn out to be false positives. Today, he sends another screenshot, suspecting a nation-state attack. As usual, you go through your list of questions, check your resources for information to determine whether the screenshot shows a real attack, and determine the condition of your network. Which step of IR did you just perform?

 
 
 
 

QUESTION 87
Adam is an incident handler who intends to use the DBCC LOG command to analyze a database and retrieve the active transaction log files for the specified database. The syntax of the DBCC LOG command is DBCC LOG(, ), where the output parameter specifies the level of information an incident handler wants to retrieve. If Adam wants to retrieve the full information on each operation along with the hex dump of a current transaction row, which of the following output parameters should Adam use?

 
 
 
 

QUESTION 88
The state of incident response preparedness that enables an organization to maximize its potential to use digital evidence while minimizing the cost of an investigation is called:

 
 
 
 

QUESTION 89
A user downloaded what appears to be genuine software. Unknown to her, when she installed the application, it executed code that provided an unauthorized remote attacker access to her computer. What type of malicious threat displays this characteristic?

 
 
 
 

QUESTION 90
Shally, an incident handler, works for a company named Texas Pvt. Ltd. based in Florida. She was asked to work on an incident response plan. As part of the plan, she decided to enhance and improve the security infrastructure of the enterprise. She incorporated a security strategy that allows security professionals to use several protection layers throughout their information system. Owing to multiple-layer protection, this security strategy assists in preventing direct attacks against the organization’s information system, as a break in one layer only leads the attacker to the next layer.
Which of the following security strategies did Shally incorporate in the incident response plan?

 
 
 
 

QUESTION 91
Elizabeth, who works for OBC organization as an incident responder, is assessing the risks to the organizational security. As part of the assessment process, she is calculating the probability of a threat source exploiting an existing system vulnerability. Which of the following risk assessment steps is Elizabeth currently in?

 
 
 
 

The ECIH v2 certification is an important credential for IT security professionals who are involved in incident handling and response. EC Council Certified Incident Handler (ECIH v3) certification demonstrates that the candidate has the knowledge, skills, and abilities to effectively manage and respond to security incidents. It also provides employers with a way to evaluate the skills of their IT security staff, and to ensure that they have the necessary expertise to protect their organization’s critical assets.

 

Read Online 212-89 Test Practice Test Questions Exam Dumps: https://www.dumpleader.com/212-89_exam.html
