212-89 exam

The goal of incident response is to handle the incident in a way that minimizes damage and reduces recovery time and cost. Which of the following does NOT constitute a goal of incident response?A . Dealing with human resources department and various employee conflict behaviors.B . Using information gathered during...

Rose is an incident-handler and is responsible for detecting and eliminating any kind of scanning attempts over the network by malicious threat actors. Rose uses Wire shark to sniff the network and detect any malicious activities going on. Which of the following Wire shark filters can be used by her...

Which among the following CERTs is an Internet provider to higher education institutions and various other research institutions in the Netherlands and deals with all cases related to computer security incidents in which a customer is involved either as a victim or as a suspect?A . NET-CERTB . DFN-CERTC ....

When an employee is terminated from his or her job, what should be the next immediate step taken by an organization?A . All access rights of the employee to physical locations, networks, systems, applications and data should be disabledB . The organization should enforce separation of dutiesC . The access...

Risk management consists of three processes, risk assessment, mitigation and evaluation. Risk assessment determines the extent of the potential threat and the risk associated with an IT system through its SDLC. How many primary steps does NIST’s risk assessment methodology involve?A . TwelveB . FourC . SixD . NineView AnswerAnswer:...

James is working as an incident responder at Cyber Sol Inc. The management instructed James to investigate a cybersecurity incident that recently happened in the company. As a part of the investigation process, James started collecting volatile information from a system running on Windows operating system. Which of the following...

Policies are designed to protect the organizational resources on the network by establishing the set rules and procedures. Which of the following policies authorizes a group of users to perform a set of actions on a set of resources?A . Access control policyB . Audit trail policyC . Logging policyD...

In a qualitative risk analysis, risk is calculated in terms of:A . (Attack Success + Criticality) C(Countermeasures)B . Asset criticality assessment C (Risks and Associated Risk Levels)C . Probability of Loss X LossD . (Countermeasures + Magnitude of Impact) C (Reports from prior risk assessments)View AnswerAnswer: C

An incident recovery plan is a statement of actions that should be taken before, during or after an incident. Identify which of the following is NOT an objective of the incident recovery plan?A . Creating new business processes to maintain profitability after incidentB . Providing a standard for testing the...

Identify the malicious program that is masked as a genuine harmless program and gives the attacker unrestricted access to the user’s information and system. These programs may unleash dangerous programs that may erase the unsuspecting user’s disk and send the victim’s credit card numbers and passwords to a stranger.A ....