時間限定無料ダウンロード 最新の212-89問題集で2024年最新の212-89試験問題 [Q103-Q118]

時間限定無料ダウンロード 最新の212-89問題集で2024年最新の212-89試験問題

最新のEC-COUNCIL 212-89認定の練習テスト問題

質問 # 103
In the Control Analysis stage of the NIST's risk assessment methodology, technical and none technical control
methods are classified into two categories. What are these two control categories?

• A. Preventive and Detective controls
• B. Preventive and predictive controls
• C. Predictive and Detective controls
• D. Detective and Disguised controls

正解：A

質問 # 104
Eric works as a system administrator at ABC organization and previously granted several users with access privileges to the organizations systems with unlimited permissions. These privileged users could prospectively misuse their rights unintentionally, maliciously, or could be deceived by attackers that could trick them to perform malicious activities.
Which of the following guidelines would help incident handlers eradicate insider at tacks by privileged users?

• A. Do not control the access to administrators and privileged users
• B. Do not allow administrators to use unique accounts during the installation process
• C. Do not use encryption methods to prevent administrators and privileged users from accessing backup tapes and sensitive information
• D. Do not enable default administrative accounts to ensure accountability

正解：D

質問 # 105
Malicious software programs that infect computers and com up to r delete the data on them.
The above-mentioned statement defines which of the following terms?

• A. Trojan
• B. Spyware
• C. Worm
• D. Virus

正解：D

質問 # 106
Which of the following is NOT one of the common techniques used to detect Insider threats:

• A. Spotting conflicts with supervisors and coworkers
• B. Observing employee sick leaves
• C. Observing employee tardiness and unexplained absenteeism
• D. Spotting an increase in their performance

正解：D

質問 # 107
The free utility which quickly scans Systems running Windows OS to find settings that may have been changed by spyware, malware, or other unwanted programs is called:

• A. HijackThis
• B. Tripwire
• C. Stinger
• D. F-Secure Anti-virus

正解：A

質問 # 108
Insiders may be:

• A. Disgruntled staff members
• B. All the above
• C. Ignorant employees
• D. Carless administrators

正解：B

質問 # 109
If the loss anticipated is greater than the agreed upon threshold; the organization will:

• A. Do nothing
• B. Accept the risk but after management approval
• C. Accept the risk
• D. Mitigate the risk

正解：D

質問 # 110
Lack of forensic readiness may result in:

• A. Loss of clients thereby damaging the organization's reputation
• B. System downtime
• C. All the above
• D. Data manipulation, deletion, and theft

正解：C

質問 # 111
Khai was tasked with examining the logs from a Linux email server. The server uses Sendmail to execute the command to send emails and Syslog to maintain logs.
To validate the data within email headers, which of the following directories should Khai check for information such as source and destination IP addresses, dates, and timestamps?

• A. /var/log/sendmail/mailog
• B. /var/log/mailog
• C. /var/log/sendmail
• D. /var/log/mailog

正解：D

質問 # 112
Investigator lan gives you a drive image to investigate.
What type of analysis are you performing?

• A. Dynamic
• B. Static
• C. Real-time
• D. Live

正解：B

質問 # 113
Changing the web server contents, Accessing the workstation using a false ID and Copying sensitive data without authorization are examples of:

• A. Malware attacks
• B. Unauthorized access attacks
• C. Social Engineering attacks
• D. DDoS attacks

正解：B

質問 # 114
The role that applies appropriate technology and tries to eradicate and recover from the incident is known as:

• A. Incident coordinator
• B. Incident Handler
• C. Incident Manager
• D. Incident Analyst

正解：D

質問 # 115
To effectively describe security incidents, it is necessary to adopt a common set of terminology and to categorize the incidents.
According to ECIH text, in which category would you place an incident that involves illegal file download by a suspected or unknown user?

• A. Low Level
• B. Middle level
• C. High level
• D. Ultra High Level

正解：C

質問 # 116
A malicious security-breaking code that is disguised as any useful program that installs an executable programs when a file is opened and allows others to control the victim's system is called:

• A. RootKit
• B. Trojan
• C. Virus
• D. Worm

正解：B

質問 # 117
Qual Tech Solutions is a leading security services enterprise. Dickson, who works as an incident responder with this firm, is performing a vulnerability assessment to identify the security problems in the network by using automated tools for identifying the hosts, services, and vulnerabilities in the enterprise network.
In the above scenario, which of the following types of vulnerability assessment is Dickson performing?

• A. External assessment
• B. Passive assessment
• C. Internal assessment
• D. Active assessment

正解：D

質問 # 118
......

検証済みの212-89問題集と解答で一年間無料最速更新：https://www.jpntest.com/shiken/212-89-mondaishu