Free EC-Council 212-89 Exam Questions (page: 3)

Mr. Smith is the lead incident responder of a small financial enterprise with a few branches in Australia.

Recently, the company suffered a massive attack, losing USD 5 million through an inter-banking system. An in-depth investigation of the case found that the incident occurred because, 6 months ago, the attackers penetrated the network through a minor vulnerability and maintained access without any user being aware of it. They then tried to delete user fingerprints and performed lateral movement to the computer of a person with privileges in the inter-banking system. Finally, the attackers gained access and carried out fraudulent transactions.

Based on the above scenario, identify the most accurate kind of attack.

  A. Phishing
  B. Ransomware attack
  C. APT attack
  D. Denial-of-service attack

Answer(s): C


Reference:

https://en.wikipedia.org/wiki/Advanced_persistent_threat



James is a professional hacker and is employed by an organization to exploit their cloud services. In order to achieve this, James created anonymous access to the cloud services to carry out various attacks such as password and key cracking, hosting malicious data, and DDoS attacks.

Which of the following threats is he posing to the cloud platform?

  A. Insufficient due diligence
  B. Insecure interface and APIs
  C. Data breach/loss
  D. Abuse and nefarious use of cloud services

Answer(s): D



Shally, an incident handler, is working for a company named Texas Pvt. Ltd. based in Florida. She was asked to work on an incident response plan. As part of the plan, she decided to enhance and improve the security infrastructure of the enterprise. She has incorporated a security strategy that allows security professionals to use several protection layers throughout their information system. Because of the multiple layers of protection, this security strategy helps prevent direct attacks against the organization's information system, as a break in one layer only leads the attacker to the next layer.

Identify the security strategy Shally has incorporated in the incident response plan.

  A. Covert channels
  B. Three-way handshake
  C. Defense-in-depth
  D. Exponential backoff algorithm

Answer(s): C


Reference:

https://en.wikipedia.org/wiki/Defense_in_depth_(computing)



Ikeo Corp. hired an incident response team to assess the enterprise security. As part of the incident handling and response process, the IR team is reviewing the current security policies implemented by the enterprise. The IR team finds that employees of the organization do not have any restrictions on Internet access: they are allowed to visit any site, download any application, and access a computer or network from a remote location. Considering this as the main security threat, the IR team plans to change this policy as it can be easily exploited by attackers.

Which of the following security policies is the IR team planning to modify?

  A. Promiscuous policy
  B. Prudent policy
  C. Paranoid policy
  D. Permissive policy

Answer(s): A


Reference:

https://info-savvy.com/what-is-information-security-policies-what-r-the-types-of-security-policies/#:~:text=Promiscuous%20Policy%3A,network%20from%20a%20foreign%20location



Which of the following is not the responsibility of first responders?

  A. Packaging and transporting the electronic evidence
  B. Identifying the crime scene
  C. Preserving temporary and fragile evidence and then shutting down or rebooting the victim's computer
  D. Protecting the crime scene

Answer(s): C





