[Q14-Q31] Top-Class EC-COUNCIL 212-89 Online Question Set, Updated [January 2024]


The 212-89 practice question set contains 205 questions, verified and updated by JPNTest

Question # 14
The product of intellect that has commercial value and includes copyrights and trademarks is called:

  • A. Patents
  • B. Trade secrets
  • C. Logos
  • D. Intellectual property

Correct answer: D


Question # 15
Which one of the following is the correct flow of the stages in an incident handling and response (IH&R) process?

  • A. Containment → Incident recording → Incident triage → Preparation → Recovery → Eradication → Post-incident activities
  • B. Incident recording → Preparation → Containment → Incident triage → Recovery → Eradication → Post-incident activities
  • C. Incident triage → Eradication → Containment → Incident recording → Preparation → Recovery → Post-incident activities
  • D. Preparation → Incident recording → Incident triage → Containment → Eradication → Recovery → Post-incident activities

Correct answer: D


Question # 16
Which of the following DOES NOT expose a cloud application to hacking?

  • A. Inappropriate technical issue
  • B. Configuration error
  • C. Contract with a cloud service vendor
  • D. Lack of experience in manipulating cloud systems

Correct answer: C


Question # 17
BadGuy Bob hid files in the slack space, changed the file headers, hid suspicious files in executables, and changed the metadata for all types of files on his hacker laptop.
What has he committed?

  • A. Felony
  • B. Legal hostility
  • C. Anti-forensics
  • D. Adversarial mechanics

Correct answer: C


Question # 18
To effectively describe security incidents, it is necessary to adopt a common set of terminology and to categorize the incidents.
According to ECIH text, in which category would you place an incident that involves illegal file download by a suspected or unknown user?

  • A. Low Level
  • B. Ultra High Level
  • C. High level
  • D. Middle level

Correct answer: C


Question # 19
Darwin is an attacker within an organization and is performing network sniffing by running his system in promiscuous mode. He is capturing and viewing all the network packets transmitted within the organization. Edwin is an incident handler in the same organization.
In the above situation, which of the following Nmap commands must Edwin use to detect Darwin's system that is running in promiscuous mode?

  • A. nmap --script host map
  • B. nmap -sV -T4 -O -F --version-light
  • C. nmap -sU -p 500
  • D. nmap --script=sniffer-detect [Target IP Address/Range of IP addresses]

Correct answer: D


Question # 20
Racheal is an incident handler working at an organization called Inception Tech. Recently, numerous employees have been complaining about receiving emails from unknown senders. To prevent employees from spoofing emails, and keeping security in mind, Racheal was asked to take appropriate action in this matter. As part of her assignment, she needs to analyze the email headers to check the authenticity of received emails.
Which of the following protocol/authentication standards must she check in the email header to analyze email authenticity?

  • A. DKIM
  • B. POP
  • C. SNMP
  • D. ARP

Correct answer: A


Question # 21
Which of the following is not a countermeasure to eradicate inappropriate usage incidents?

  • A. Avoiding VPN and other secure network channels
  • B. Always storing the sensitive data in far located servers and restricting its access
  • C. Registering user activity logs and keep monitoring them regularly
  • D. Installing firewall and IDS/IPS to block services that violate the organization's policy

Correct answer: A


Question # 22
Which of the following is a type of malicious code or software that appears legitimate but can take control of your computer?

  • A. Phishing attack
  • B. DDoS
  • C. Password attack
  • D. Trojan attack

Correct answer: D


Question # 23
Rica works as an incident handler for an international company. As part of her role, she must review the present security policy implemented. Upon inspection, Rica finds that the policy is wide open, and only known dangerous services/attacks or behaviors are blocked.
Which of the following is the current policy that Rica identified?

  • A. Prudent policy
  • B. Promiscuous policy
  • C. Paranoid policy
  • D. Permissive policy

Correct answer: D


Question # 24
Identify the network security incident in which intended authorized users are prevented from using systems, networks, or applications by flooding the network with a high volume of traffic that consumes all existing network resources.

  • A. SQL Injection
  • B. URL Manipulation
  • C. Denial of Service Attack
  • D. XSS Attack

Correct answer: C


Question # 25
Which of the following has been used to evade IDS and IPS?

  • A. Fragmentation
  • B. TNP
  • C. HTTP
  • D. SNMP

Correct answer: A


Question # 26
An estimation of the expected losses after an incident helps an organization prioritize and formulate its incident response. The cost of an incident can be categorized as tangible or intangible. Identify the tangible cost associated with a virus outbreak.

  • A. Damage to corporate reputation
  • B. Lost productivity damage
  • C. Loss of goodwill
  • D. Psychological damage

Correct answer: B


Question # 27
Installing a password cracking tool, downloading pornographic material, sending emails to colleagues that irritate them, and hosting unauthorized websites on the company's computer are considered:

  • A. Network based attacks
  • B. Malware attacks
  • C. Unauthorized access attacks
  • D. Inappropriate usage incidents

Correct answer: D


Question # 28
Which is the incorrect statement about anti-keylogger scanners?

  • A. Software tools
  • B. Run in stealthy mode to record the victim's online activity
  • C. Detect already installed keyloggers in victim machines

Correct answer: B


Question # 29
Malicious security-breaking code that is disguised as a useful program, installs executable programs when a file is opened, and allows others to control the victim's system is called:

  • A. Trojan
  • B. Virus
  • C. RootKit
  • D. Worm

Correct answer: A


Question # 30
Which of the following incident recovery testing methods works by creating a mock disaster, such as a fire, to identify the reaction of the procedures that are implemented to handle such situations?

  • A. Facility testing
  • B. Procedure testing
  • C. Live walk-through testing
  • D. Scenario testing

Correct answer: B


Question # 31
......

Latest (2024) EC-COUNCIL 212-89 exam question set: https://www.jpntest.com/shiken/212-89-mondaishu
