Which of the following types of threat attributions has Alexis performed?
Alexis is working as an incident responder in XYZ organization. She was asked to identify and attribute the actors behind an attack that took place recently. In order to do so, she is performing threat attribution that deals with the identification of the specific person, society, or country sponsoring a...
Risk formulation generally begins with the likeliness of an event’s occurrence, the harm it may cause and is usually denoted as Risk = ∑(events) × (Probability of occurrence) × ?
Risk is defined as the probability of the occurrence of an incident. Risk formulation generally begins with the likeliness of an event’s occurrence, the harm it may cause and is usually denoted as Risk = ∑(events) × (Probability of occurrence) × ?
A. Magnitude
B. Probability
C. Consequences
D. Significance
Answer: A
Which of the following GPG 18 and Forensic readiness planning (SPF) principles states that “organizations should adopt a scenario based Forensic Readiness Planning approach that learns from experience gained within the business”?
A. Principle 2
B. Principle 5
C. Principle 3
D. Principle 7
Answer: B
What are these two control categories?
In the Control Analysis stage of the NIST’s risk assessment methodology, technical and non-technical control methods are classified into two categories. What are these two control categories?
A. Preventive and Detective controls
B. Detective and Disguised controls
C. Predictive and Detective controls
D. Preventive and predictive controls
Answer: A
Which of the following is not a multiple component incident?
Multiple component incidents consist of a combination of two or more attacks in a system. Which of the following is not a multiple component incident?
A. An insider intentionally deleting files from a workstation
B. An attacker redirecting a user to a malicious website and infecting his system with a Trojan
C. ...
Shally, an incident handler, is working for a company named Texas Pvt. Ltd. based in Florida. She was asked to work on an incident response plan. As part of the plan, she decided to enhance and improve the security infrastructure of the enterprise. She has incorporated a security strategy that allows security professionals to use several protection layers throughout their information system. Due to multiple layer protection, this security strategy assists in preventing direct attacks against the organization's information system as a break in one layer only leads the attacker to the next layer.
Which of the following terms refers to an organization's ability to make optimal use of digital evidence in a limited period of time and with minimal investigation costs?
A. Risk assessment
B. Threat assessment
C. Data analysis
D. Forensic readiness
Answer: A
Which policy recommends controls for securing and tracking organizational resources:
A. Access control policy
B. Administrative security policy
C. Acceptable use policy
D. Asset control policy
Answer: D
How would you categorize such an information security incident?
An organization faced an information security incident where a disgruntled employee passed sensitive access control information to a competitor. The organization’s incident response manager, upon investigation, found that the incident must be handled within a few hours on the same day to maintain business continuity and market competitiveness. How would...
What is the timeframe required to report an incident under the CAT 4 Federal Agency category?
US-CERT and Federal civilian agencies use the reporting timeframe criteria in the federal agency reporting categorization. What is the timeframe required to report an incident under the CAT 4 Federal Agency category?
A. Weekly
B. Within four (4) hours of discovery/detection if the successful attack is still ongoing and agency...