212-89

Insider threats can be detected by observing concerning behaviors exhibited by insiders, such as conflicts with supervisors and coworkers, decline in performance, tardiness or unexplained absenteeism. Select the technique that helps in detecting insider threats:A . Correlating known patterns of suspicious and malicious behaviorB . Protecting computer systems by implementing...

An attacker uncovered websites a target individual was frequently surfing. The attacker then tested those particular websites to identify possible vulnerabilities. After detecting vulnerabilities within a website, the attacker started injecting malicious script/code into the web application that would redirect the webpage and download the malware on to the victim's...

A computer Risk Policy is a set of ideas to be implemented to overcome the risk associated with computer security incidents. Identify the procedure that is NOT part of the computer risk policy?A . Procedure to identify security funds to hedge riskB . Procedure to monitor the efficiency of security...

Computer forensics is methodical series of techniques and procedures for gathering evidence from computing equipment, various storage devices and or digital media that can be presented in a course of law in a coherent and meaningful format. Which one of the following is an appropriate flow of steps in the...

An audit trail policy collects all audit trails such as series of records of computer events, about an operating system, application or user activities. Which of the following statements is NOT true for an audit trail policy:A . It helps calculating intangible losses to the organization due to incidentB ....

Which of the following is an appropriate flow of the incident recovery steps?A . System Operation-System Restoration-System Validation-System MonitoringB . System Validation-System Operation-System Restoration-System MonitoringC . System Restoration-System Monitoring-System Validation-System OperationsD . System Restoration-System Validation-System Operations-System MonitoringView AnswerAnswer: D

A distributed Denial of Service (DDoS) attack is a more common type of DoS Attack, where a single system is targeted by a large number of infected machines over the Internet. In a DDoS attack, attackers first infect multiple systems which are known as:A . TrojansB . ZombiesC . SpywareD...

Organizations or incident response teams need to protect the evidence for any future legal actions that may be taken against perpetrators that intentionally attacked the computer system. EVIDENCE PROTECTION is also required to meet legal compliance issues. Which of the following documents helps in protecting evidence from physical or logical...

Business continuity is defined as the ability of an organization to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault tolerant systems, as well as a solid backup and recovery strategy. Identify the plan which is mandatory part...

An incident is analyzed for its nature, intensity and its effects on the network and systems. Which stage of the incident response and handling process involves auditing the system and network log files?A . Incident recordingB . ReportingC . ContainmentD . IdentificationView AnswerAnswer: D