212-89 exam

One of the main objectives of incident management is to prevent incidents and attacks by tightening the physical security of the system or infrastructure. According to CERT’s incident management process, which stage focuses on implementing infrastructure improvements resulting from postmortem reviews or other process improvement mechanisms?A . ProtectionB . PreparationC...

Computer Forensics is the branch of forensic science in which legal evidence is found in any computer or any digital media device. Of the following, who is responsible for examining the evidence acquired and separating the useful evidence?A . Evidence SupervisorB . Evidence DocumenterC . Evidence ManagerD . Evidence Examiner/...

A threat source does not present a risk if NO vulnerability that can be exercised for a particular threat source. Identify the step in which different threat sources are defined: A . Identification VulnerabilitiesB . Control analysisC . Threat identificationD . System characterizationView AnswerAnswer: C

The type of relationship between CSIRT and its constituency have an impact on the services provided by the CSIRT. Identify the level of the authority that enables members of CSIRT to undertake any necessary actions on behalf of their constituency?A . Full-level authorityB . Mid-level authorityC . Half-level authorityD ....

Policies are designed to protect the organizational resources on the network by establishing the set rules and procedures. Which of the following policies authorizes a group of users to perform a set of actions on a set of resources?A . Access control policyB . Audit trail policyC . Logging policyD...

A computer virus hoax is a message warning the recipient of non-existent computer virus. The message is usually a chain e-mail that tells the recipient to forward it to every one they know. Which of the following is NOT a symptom of virus hoax message?A . The message prompts the...

ADAM, an employee from a multinational company, uses his company’s accounts to send e-mails to a third party with their spoofed mail address. How can you categorize this type of account?A . Inappropriate usage incidentB . Unauthorized access incidentC . Network intrusion incidentD . Denial of Service incidentView AnswerAnswer: A

Identify the network security incident where intended authorized users are prevented from using system, network, or applications by flooding the network with high volume of traffic that consumes all existing network resources.A . URL ManipulationB . XSS AttackC . SQL InjectionD . Denial of Service AttackView AnswerAnswer: D

Which one of the following is the correct sequence of flow of the stages in an incident response:A . Containment - Identification - Preparation - Recovery - Follow-up - EradicationB . Preparation - Identification - Containment - Eradication - Recovery - Follow-upC . Eradication - Containment - Identification - Preparation...

An incident is analyzed for its nature, intensity and its effects on the network and systems. Which stage of the incident response and handling process involves auditing the system and network log files?A . Incident recordingB . ReportingC . ContainmentD . IdentificationView AnswerAnswer: D