212-89無料問題集「EC-COUNCIL EC Council Certified Incident Handler (ECIH v3)」

質問 1

Which of the following terms refers to vulnerable account management functions, including account update, recovery of forgotten or lost passwords, and password reset, that might weaken valid authentication schemes?

（A）Cross-site scripting

（B）SQL injection

（C）Broken account management

（D）Directory traversal

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

What is the most recent NIST standard for incident response?

（A）800-61r3

（B）800-53r3

（C）800-171r2

（D）800-61r2

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Eve's is an incident handler in ABC organization. One day, she got a complaint about email hacking incident from one of the employees of the organization. As a part of incident handling and response process, she must follow many recovery steps in order to recover from incident impact to maintain business continuity.
What is the first step that she must do to secure employee account?

（A）Enable scanning of links and attachments in all the emails

（B）Restore the email services and change the password

（C）Disabling automatic file sharing between the systems

（D）Enable two-factor authentication

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Elizabeth, who works for OBC organization as an incident responder, is assessing the risks to the organizational security. As part of the assessment process, she is calculating the probability of a threat source exploiting an existing system vulnerability. Which of the following risk assessment steps is Elizabeth currently in?

（A）System characterization

（B）Vulnerability identification

（C）Likelihood analysis

（D）Impact analysis

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which of the following methods help incident responders to reduce the false-positive alert rates and further provide benefits of focusing on topmost priority issues reducing potential risk and corporate liabilities?

（A）Threat profiling

（B）Threat attribution

（C）Threat contextualization

（D）Threat correlation

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Clark, a professional hacker, exploited the web application of a target organization by tampering the form and parameter values. He successfully exploited the web application and gained access to the information assets of the organization.
Identify the vulnerability in the web application exploited by the attacker.

（A）SQL injection

（B）Sensitive data exposure

（C）Broken access control

（D）Security misconfiguration

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Bran is an incident handler who is assessing the network of the organization. He wants to detect ping sweep attempts on the network using Wireshark. Which of the following Wireshark filters would Bran use to accomplish this task?

（A）icmp.lype==8

（B）icmp.ident

（C）icmp.scq

（D）icmp.redir_gw

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

Which of the following types of digital evidence is temporarily stored in a digital device that requires constant power supply and is deleted if the power supply is interrupted?

（A）Process memory

（B）Swap file

（C）Slack space

（D）Event logs

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Matt is an incident handler working for one of the largest social network companies, which was affected by malware. According to the company's reporting timeframe guidelines, a malware incident should be reported within 1 h of discovery/detection after its spread across the company. Which category does this incident belong to?

（A）CAT 2

（B）CAT 4

（C）CAT 3

（D）CAT 1

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Michael is a part of the computer incident response team of a company. One of his responsibilities is to handle email incidents. The company receives an email from an unknown source, and one of the steps that he needs to take is to check the validity of the email. Which of the following tools should he use?

（A）Email Dossier

（B）Zendio

（C）G Suite Toolbox

（D）Yesware

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

212-89 無料問題集「EC-COUNCIL EC Council Certified Incident Handler (ECIH v3)」

弊社を連絡する

関連リンク

トップ試験