212-89 Exam Questions
175 real 212-89 exam questions with expert-verified answers and explanations. Page 2 of 4.
- Question #51
Which of the following risk management processes identifies the risks, estimates the impact, and determines sources to recommend proper mitigation measures?
- Question #52
Eric is an incident responder and is working on developing incident-handling plans and procedures. As part of this process, he is performing an analysis on the organizational netwo...
- Question #53
Miko was hired as an incident handler in XYZ company. His first task was to identify the PING sweep attempts inside the network. For this purpose, he used Wireshark to analyze the...
- Question #54
QualTech Solutions is a leading security services enterprise. Dickson, who works as an incident responder with this firm, is performing a vulnerability assessment to identify the s...
- Question #55
James is working as an incident responder at CyberSol Inc. The management instructed James to investigate a cybersecurity incident that recently happened in the company. As a part...
- Question #56
Which of the following types of digital evidence is temporarily stored in a digital device that requires constant power supply and is deleted if the power supply is interrupted?
- Question #57
You are talking to a colleague who is deciding what information they should include in their organization's logs to help with security auditing. Which of the following items should...
- Question #58
Which of the following tools helps incident responders effectively contain a potential cloud security incident and gather required forensic evidence?
- Question #59
Investigator Ian gives you a drive image to investigate. What type of analysis are you performing?
- Question #60
Oscar receives an email from an unknown source containing his domain name oscar.com. Upon checking the link, he found that it contains a malicious URL that redirects to the website...
- Question #61
Alexis works as an incident responder at XYZ organization. She was asked to identify and attribute the actors behind an attack that occurred recently. For this purpose, she is perf...
- Question #62
Ren is assigned to handle a security incident of an organization. He is tasked with forensics investigation to find the evidence needed by the management. Which of the following st...
- Question #63
Which of the following is a technique used by attackers to make a message difficult to understand through the use of ambiguous language?
- Question #64
Which of the following has been used to evade IDS and IPS?
- Question #65
What is the most recent NIST standard for incident response?
- Question #66
SWA Cloud Services added PKI as one of their cloud security controls. What does PKI stand for?
- Question #67
Racheal is an incident handler working in InceptionTech organization. Recently, numerous employees are complaining about receiving emails from unknown senders. In order to prevent...
- Question #68
Which of the following is a term that describes the combination of strategies and services intended to restore data, applications, and other resources to the public cloud or dedica...
- Question #69
If a hacker cannot find any other way to attack an organization, they can influence an employee or a disgruntled staff member. What type of threat is this?
- Question #70
During the vulnerability assessment phase, the incident responders perform various steps as below: 1. Run vulnerability scans using tools 2. Identify and prioritize vulnerabilities...
- Question #71
Which of the following is not a countermeasure to eradicate cloud security incidents?
- Question #72
An organization named Sam Morison Inc. decided to use cloud-based services to reduce the cost of maintenance. The organization identified various risks and threats associated with...
- Question #73
Which of the following is not a countermeasure to eradicate inappropriate usage incidents?
- Question #74
An incident handler is analyzing email headers to find suspicious emails. Which of the following tools must he/she use in order to accomplish the task?
- Question #75
Rinni is an incident handler and she is performing memory dump analysis. Which of the following tools can she use in order to perform memory dump analysis?
- Question #76
In which of the following types of insider threats an insider who is uneducated on potential security threats or simply bypasses general security procedures to meet workplace effic...
- Question #77
Johnson, an incident handler, is working on a recent web application attack faced by the organization. As part of this process, he performed data preprocessing in order to analyzing...
- Question #78
Which stage of the incident response and handling process involves auditing the system and network log files?
- Question #79
Identify Sarbanes-Oxley Act (SOX) Title, which consists of only one section, that includes measures designed to help restore investor confidence in the reporting of securities anal...
- Question #80
Which of the following GPG18 and Forensic readiness planning (SPF) principles states that "organizations should adopt a scenario based Forensic Readiness Planning approach that lea...
- Question #81
Darwin is an attacker residing within the organization and is performing network sniffing by running his system in promiscuous mode. He is capturing and viewing all the network pac...
- Question #82
Jason is an incident handler dealing with malware incidents. He was asked to perform memory dump analysis in order to collect the information about the basic functionality of any p...
- Question #83
Which of the following encoding techniques replaces unusual ASCII characters with "%" followed by the character's two-digit ASCII code expressed in hexadecimal?
- Question #84
For analyzing the system, the browser data can be used to access various credentials. Which of the following tools is used to analyze the history data files in Microsoft Edge brows...
- Question #85
Stanley works as an incident responder at a top MNC based out of Singapore. He was asked to investigate a cybersecurity incident that recently occurred in the company. While invest...
- Question #86
A US Federal Agency network was the target of a DoS attack that prevented and impaired the normal authorized functionality of the networks. According to agency's reporting timefram...
- Question #87
Eric works as a system administrator in ABC organization. He granted privileged users with unlimited permissions to access the systems. These privileged users can misuse their righ...
- Question #88
During the process of detecting and containing malicious emails, incident responders should examine the originating IP address of the emails. The steps to examine the originating I...
- Question #89
Bran is an incident handler who is assessing the network of the organization. In the process, he wants to detect ping sweep attempts on the network using the Wireshark tool. Which of t...
- Question #90
In which of the following phases of the incident handling and response (IH&R) process are the identified security incidents analyzed, validated, categorized, and prioritized?
- Question #91
Alexis is working as an incident responder in XYZ organization. She was asked to identify and attribute the actors behind an attack that took place recently. In order to do so, she...
- Question #92
XYZ Inc. was affected by a malware attack and James, being the incident handling and response (IH&R) team personnel handling the incident, found out that the root cause of the inci...
- Question #93
Mr. Smith is a lead incident responder of a small financial enterprise having few branches in Australia. Recently, the company suffered a massive attack losing USD 5 million throug...
- Question #94
Which of the following risk mitigation strategies involves execution of controls to reduce the risk factor and brings it to an acceptable level or accepts the potential risk and co...
- Question #95
The following steps describe the key activities in forensic readiness planning: 1. Train the staff to handle the incident and preserve the evidence 2. Create a special process for...
- Question #96
Tibson works as an incident responder for an MNC based in Singapore. He is investigating a web application security incident recently faced by the company. The attack is performed on...
- Question #97
Robert is an incident handler working for Xsecurity Inc. One day, his organization faced a massive cyberattack and all the websites related to the organization went offline. Robert...
- Question #98
Clark, a professional hacker, exploited the web application of a target organization by tampering with the form and parameter values. He successfully exploited the web application and g...
- Question #99
Eric, who is an incident responder, is working on developing incident-handling plans and procedures. As part of this process, he is performing analysis on the organizational network...
- Question #100
Drake is an incident handler in Dark Cloud Inc. He intends to perform log analysis in order to detect traces of malicious activities within the network infrastructure. Which of...