212-89 Question Set with Pass Guarantee: Pass the 212-89 Exam, Updated 2023 [Q44-Q61]


Try the 212-89 exam question set! JPNTest provides the best 212-89 exam question training.


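The EC-COUNCIL 212-89 certification is highly regarded for validating the skills and knowledge needed to respond to and effectively manage computer security incidents. It is a globally recognized certification for professionals who want to advance their careers in the cybersecurity field, and holding the ECIH certification demonstrates to employers a commitment to maintaining the best cybersecurity practices and procedures.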

 

Question # 44
Which of the following does NOT reduce the success rate of SQL injection?

  • A. Close unnecessary application services and ports on the server.
  • B. Limit the length of the input field.
  • C. Constrain legitimate characters to exclude special characters.
  • D. Automatically lock a user account after a predefined number of invalid login attempts within a predefined interval

Correct answer: A


Question # 45
Digital evidence plays a major role in prosecuting cyber criminals. John, a cyber-crime investigator, is asked to investigate a child pornography case. The personal computer of the criminal in question was confiscated by the county police. Which of the following evidence will lead John in his investigation?

  • A. SAM file
  • B. Web browser history
  • C. Web server log
  • D. Routing table list

Correct answer: B


Question # 46
Business continuity is defined as the ability of an organization to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault tolerant systems, as well as a solid backup and recovery strategy. Identify the plan which is a mandatory part of a business continuity plan.

  • A. Business Recovery Plan
  • B. New business strategy plan
  • C. Forensics Procedure Plan
  • D. Sales and Marketing plan

Correct answer: A


Question # 47
Which is the incorrect statement about anti-keylogger scanners?

  • A. Software tools
  • B. Detect already installed Keyloggers in victim machines
  • C. Run in stealthy mode to record victim's online activity

Correct answer: C


Question # 48
A self-replicating malicious code that does not alter files but resides in active memory and duplicates itself, spreads through the infected network automatically and takes advantage of file or information transport features on the system to travel independently is called:

  • A. RootKit
  • B. Virus
  • C. Worm
  • D. Trojan

Correct answer: C


Question # 49
When an employee is terminated from his or her job, what should be the next immediate step taken by an organization?

  • A. The organization should monitor the activities of the system administrators and privileged users who have permissions to access the sensitive information
  • B. All access rights of the employee to physical locations, networks, systems, applications and data should be disabled
  • C. The access requests granted to an employee should be documented and vetted by the supervisor
  • D. The organization should enforce separation of duties

Correct answer: B


Question # 50
The network perimeter should be configured in such a way that it denies all incoming and outgoing traffic/services that are not required. Which service listed below, if blocked, can help in preventing a Denial of Service attack?

  • A. SAM service
  • B. SMTP service
  • C. Echo service
  • D. POP3 service

Correct answer: C


Question # 51
Incident handling and response steps help you to detect, identify, respond and manage an incident. Which of the following helps in recognizing and separating the infected hosts from the information system?

  • A. Browsing particular government websites
  • B. Sending mails to only group of friends
  • C. Inspecting the process running on the system
  • D. Configuring firewall to default settings

Correct answer: C


Question # 52
Which of the following tools helps incident handlers to view the filesystem, retrieve deleted data, perform timeline analysis, web artifacts, etc., during an incident response process?

  • A. nbtstat
  • B. netstat
  • C. Process Explorer
  • D. Autopsy

Correct answer: D


Question # 53
The steps followed to recover computer systems after an incident are:

  • A. System validation, restoration, operation and monitoring
  • B. System restoration, validation, operation and monitoring
  • C. System restoration, operation, validation, and monitoring
  • D. System monitoring, validation, operation and restoration

Correct answer: B


Question # 54
A living high level document that states in writing a requirement and directions on how an agency plans to protect its information technology assets is called:

  • A. Information security Policy
  • B. Information security Procedure
  • C. Information security Baseline
  • D. Information security Standard

Correct answer: A


Question # 55
Computer viruses are malicious software programs that infect computers and corrupt or delete the data on them. Identify the virus type that specifically infects Microsoft Word files?

  • A. Micro Virus
  • B. Macro Virus
  • C. Boot Sector virus
  • D. File Infector

Correct answer: B


Question # 56
Dash wants to perform a DoS attack over 256 target URLs simultaneously.
Which of the following tools can Dash employ to achieve his objective?

  • A. OllyDbg
  • B. IDA Pro
  • C. OpenVAS
  • D. HOIC

Correct answer: D


Question # 57
An incident handler is analyzing email headers to uncover suspicious emails.
Which of the following tools would he/she use in order to accomplish this task?

  • A. MxToolbox
  • B. SPAMfighter
  • C. Barracuda Email Security Gateway
  • D. Gophish

Correct answer: A


Question # 58
Except for some common roles, the roles in an IRT are distinct for every organization. Which among the following is the role played by the Incident Coordinator of an IRT?

  • A. Applies the appropriate technology and tries to eradicate and recover from the incident
  • B. Links the groups that are affected by the incidents, such as legal, human resources, different business areas and management
  • C. Focuses on the incident and handles it from management and technical point of view
  • D. Links the appropriate technology to the incident to ensure that the foundation's offices are returned to normal operations as quickly as possible

Correct answer: B


Question # 59
Digital evidence must:

  • A. Be Authentic, complete and reliable
  • B. Be Volatile
  • C. Not prove the attacker's actions
  • D. Cast doubt on the authenticity and veracity of the evidence

Correct answer: A


Question # 60
Policies are designed to protect the organizational resources on the network by establishing a set of rules and procedures. Which of the following policies authorizes a group of users to perform a set of actions on a set of resources?

  • A. Audit trail policy
  • B. Documentation policy
  • C. Logging policy
  • D. Access control policy

Correct answer: D


Question # 61
......


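The ECIH V2 certification is designed for professionals responsible for detecting, responding to, and managing security incidents within an organization. This includes incident handlers, risk assessment administrators, vulnerability assessment analysts, and other cybersecurity professionals. The certification covers a broad range of topics related to incident handling, including incident response and recovery, network infrastructure and protocols, and forensic analysis.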


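To pass the EC-Council Certified Incident Handler (ECIH v2) exam, candidates must demonstrate an understanding of incident handling procedures. This includes identifying and analyzing security incidents, containing and eradicating threats, and recovering from incidents. The exam also tests candidates' ability to develop and implement incident response plans and their knowledge of various types of incidents such as malware infections, network intrusions, and insider threats. Overall, the ECIH v2 certification provides professionals with the skills and knowledge needed to handle security incidents effectively and protect the organization's assets.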

 

Excellent, up-to-date 212-89 exam question PDF with a 100% pass-rate guarantee: https://www.jpntest.com/shiken/212-89-mondaishu
