212-89 exam

Browser data can be used to access various credentials. Which of the following tools is used to analyze the history data files in Microsoft Edge browser?A . MZ History ViewB . Browsing History ViewC . Chrome History ViewD . MZ Cache ViewView AnswerAnswer: B

Stanley is an incident handler working for TexaCorp., a United States based organization. With the growing concern of increasing emails from outside the organization, Stanley was asked to take appropriate actions to keep the security of the organization intact. In the process of detecting and containing malicious emails, Stanley was...

Rinni is an incident handler and she is performing memory dump analysis. Which of following tools she can use in order to perform a memory dump analysis?A . iNetSimB . OllyDbg and IDA ProC . Proc mon and Process ExplorerD . Scylla and Olly DumpExView AnswerAnswer: B

Which of the following information security personnel handles incidents from management and technical point of view?A . Network administratorsB . Incident manager (IM)C . Forensic investigatorsD . Threat researchersView AnswerAnswer: B

Which of the following methods help incident responders to reduce the false positive alert rates and further provide ben efts of focusing on top priority issues, thereby reducing potential risk and corporate liabilities?A . Threat contextualizationB . Threat profilingC . Threat attributionD . Threat co relationView AnswerAnswer: D

Which one of the following is Inappropriate Usage Incidents?A . Denial of Service AttackB . Reconnaissance AttackC . Access Control AttackD . Insider ThreatView AnswerAnswer: D

An organization's customers are experiencing either slower network communication or unavailability of services. In addition, network administrators are receiving alerts from security tools such as IDS/IPS and firewalls about a possible DoS/DDoS attack. In result, the organization requests the incident handling and response (IH&R) team further investigates the incident. The...

Multiple component incidents consist of a combination of two or more attacks in a system. Which of the following is not a multiple component incident?A . An attacker infecting a machine to launch a DDoS attackB . An insider intentionally deleting files from a workstationC . An attacker redirecting user...

Which of the following is not a countermeasure to eradicate cloud security incidents?A . Checking for data protection at both design and runtimeB . Disabling security options such as two factor authentication and CAPTCHAC . Patching the database vulnerabilities and improving the isolation mechanismD . Removing the malware files and...

Bonney's system has been compromised by a gruesome malware. What is the primary step that is advisable to Bonney in order to contain the malware incident from spreading? What is the cause of this issue?A . Complaint to police in a formal way regarding the incidentB . Turnoff the infected...