212-89 exam

The network perimeter should be configured in such a way that it denies all incoming and outgoing traffic/ services that are not required. Which service listed below, if blocked, can help in preventing Denial of Service attack?A . SAM serviceB . POP3 serviceC . SMTP serviceD . Echo serviceView AnswerAnswer:...

One of the main objectives of incident management is to prevent incidents and attacks by tightening the physical security of the system or infrastructure. According to CERT’s incident management process, which stage focuses on implementing infrastructure improvements resulting from postmortem reviews or other process improvement mechanisms?A . ProtectionB . PreparationC...

The data on the affected system must be backed up so that it can be retrieved if it is damaged during incident response. The system backup can also be used for further investigations of the incident. Identify the stage of the incident response and handling process in which complete backup...

John is performing a memory dump analysis in order to find traces of malware. He has employed Volatility tool in order to achieve his objective. Which of the following volatility framework command she will use in order to analyze the running process from the memory dump?A . python vol.py pslist--profile=Win2008SP1x86...

Joseph is an incident handling and response(IH&R) team lead in Toro Network Solutions Company. As a part of the IH&R process, Joseph alerted the service providers, developers, and manufacturers about the affected resources. Identify the stage of IH&R process Joseph is currently in.A . EradicationB . RecoveryC . ContainmentD ....

Insider threats can be detected by observing concerning behaviors exhibited by insiders, such as conflicts with supervisors and coworkers, decline in performance, tardiness or unexplained absenteeism. Select the technique that helps in detecting insider threats:A . Correlating known patterns of suspicious and malicious behaviorB . Protecting computer systems by implementing...

An attacker uncovered websites a target individual was frequently surfing. The attacker then tested those particular websites to identify possible vulnerabilities. After detecting vulnerabilities within a website, the attacker started injecting malicious script/code into the web application that would redirect the webpage and download the malware on to the victim's...

A computer Risk Policy is a set of ideas to be implemented to overcome the risk associated with computer security incidents. Identify the procedure that is NOT part of the computer risk policy?A . Procedure to identify security funds to hedge riskB . Procedure to monitor the efficiency of security...

Computer forensics is methodical series of techniques and procedures for gathering evidence from computing equipment, various storage devices and or digital media that can be presented in a course of law in a coherent and meaningful format. Which one of the following is an appropriate flow of steps in the...

An audit trail policy collects all audit trails such as series of records of computer events, about an operating system, application or user activities. Which of the following statements is NOT true for an audit trail policy:A . It helps calculating intangible losses to the organization due to incidentB ....