Free EC-Council 212-89 Exam Questions (page: 2)

The following steps describe the key activities in forensic readiness planning:

1. Train the staff to handle the incident and preserve the evidence
2. Create a special process for documenting the procedure
3. Identify the potential evidence required for an incident
4. Determine the source of the evidence
5. Establish a legal advisory board to guide the investigation process
6. Identify if the incident requires full or formal investigation
7. Establish a policy for securely handling and storing the collected evidence
8. Define a policy that determines the pathway to legally extract electronic evidence with minimal disruption

Identify the correct sequence of steps involved in forensic readiness planning.

  A. 2-->3-->1-->4-->6-->5-->7-->8
  B. 3-->1-->4-->5-->8-->2-->6-->7
  C. 3-->4-->8-->7-->6-->1-->2-->5
  D. 1-->2-->3-->4-->5-->6-->7-->8

Answer(s): C


Reference:

https://info-savvy.com/forensic-readiness-planning/



Bob, an incident responder at CyberTech Solutions, is investigating a cybercrime attack that occurred at the client company. He acquired the evidence data, preserved it, and started analyzing the acquired evidentiary data to identify the source of the crime and the culprit behind the incident.

Identify the forensic investigation phase Bob is currently in.

  A. Post-investigation phase
  B. Vulnerability assessment phase
  C. Pre-investigation phase
  D. Investigation phase

Answer(s): D


Reference:

https://resources.infosecinstitute.com/topic/computer-forensics-investigation-case-study/



John is a professional hacker who is performing an attack on the target organization in which he tries to redirect the connection between the IP address and its target server such that when users type in the Internet address, they are redirected to a rogue website that resembles the original website. He attempts this attack using a cache poisoning technique.

Identify the type of attack John is performing on the target organization.

  A. Pharming
  B. War driving
  C. Skimming
  D. Pretexting

Answer(s): A


Reference:

https://usa.kaspersky.com/resource-center/definitions/pharming



Otis is an incident handler working at the Delmont organization. Recently, the organization has been facing several business setbacks, and its revenues are going down. Otis was asked to take charge and look into the matter.
While auditing the enterprise security, he found traces of an attack in which proprietary information was stolen from the enterprise network and passed on to competitors.

Which of the following information security incidents did the Delmont organization face?

  A. Network and resource abuses
  B. Unauthorized access
  C. Espionage
  D. Email-based abuse

Answer(s): C


Reference:

https://www.vmware.com/topics/glossary/content/cyber-espionage.html



Identify the malicious program that is masked as a genuine harmless program and gives the attacker unrestricted access to the user's information and system. These programs may unleash dangerous programs that may erase the unsuspecting user's disk and send the victim's credit card numbers and passwords to a stranger.

  A. Virus
  B. Adware
  C. Worm
  D. Trojan

Answer(s): D


Reference:

https://www.techtarget.com/searchsecurity/definition/Trojan-horse





