Which of the following is an appropriate flow of the incident recovery steps?
A. System Operation-System Restoration-System Validation-System Monitoring
B. System Validation-System Operation-System Restoration-System Monitoring
C. System Restoration-System Monitoring-System Validation-System Operations
D. System Restoration-System Validation-System Operations-System Monitoring
Answer: D
A distributed Denial of Service (DDoS) attack is a more common type of DoS Attack, where a single system is targeted by a large number of infected machines over the Internet.
In a DDoS attack, attackers first infect multiple systems which are known as:
A. Trojans
B. Zombies
C. Spyware
D...
Organizations or incident response teams need to protect the evidence for any future legal actions that may be taken against perpetrators that intentionally attacked the computer system. EVIDENCE PROTECTION is also required to meet legal compliance issues.
Which of the following documents helps in protecting evidence from physical or logical...
Identify the plan which is a mandatory part of a business continuity plan?
Business continuity is defined as the ability of an organization to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault tolerant systems, as well as a solid backup and recovery strategy. Identify the plan which is mandatory part...
Which stage of the incident response and handling process involves auditing the system and network log files?
An incident is analyzed for its nature, intensity and its effects on the network and systems.
A. Incident recording
B. Reporting
C. Containment
D. Identification
Answer: D
The insider risk matrix consists of technical literacy and business process knowledge vectors. Considering the matrix, one can conclude that:
A. If the insider’s technical literacy is low and process knowledge is high, the risk posed by the threat will be insignificant.
B. If the insider’s technical literacy and process...
Which of the following incident recovery testing methods works by creating a mock disaster, like fire to identify the reaction of the procedures that are implemented to handle such situations?
A. Scenario testing
B. Facility testing
C. Live walk-through testing
D. Procedure testing
Answer: D
How many primary steps does NIST’s risk assessment methodology involve?
Risk management consists of three processes: risk assessment, mitigation and evaluation. Risk assessment determines the extent of the potential threat and the risk associated with an IT system through its SDLC.
A. Twelve
B. Four
C. Six
D. Nine
Answer:...
Which among the following CERTs is an Internet provider to higher education institutions and various other research institutions in the Netherlands and deals with all cases related to computer security incidents in which a customer is involved either as a victim or as a suspect?
A. NET-CERT
B. DFN-CERT
C. ...
Which service listed below, if blocked, can help in preventing Denial of Service attack?
The network perimeter should be configured in such a way that it denies all incoming and outgoing traffic/services that are not required.
A. SAM service
B. POP3 service
C. SMTP service
D. Echo service
Answer:...