Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 212-89

Free EC-Council 212-89 Exam Questions (page: 4)

Page 4 of 53
PDF with 258 Questions

Identify the network security incident where intended or authorized users are prevented from using system, network, or applications by flooding the network with a high volume of traffic that consumes all existing network resources.

  1. SQL injection
  2. URL manipulation
  3. Denial-of-service
  4. XSS attack

Answer(s): C


Reference:

https://en.wikipedia.org/wiki/Denial-of-service_attack



Which of the following techniques prevent or mislead incident-handling process and may also affect the collection, preservation, and identification phases of the forensic investigation process?

  1. Anti-forensics
  2. Footprinting
  3. Scanning
  4. Enumeration

Answer(s): A


Reference:

https://cisomag.eccouncil.org/6-anti-forensic-techniques-that-every-digital-forensic-investigator- dreads/



Adam is an attacker who along with his team launched multiple attacks on target organization for financial benefits. Worried about getting caught, he decided to forge his identity. To do so, he created a new identity by obtaining information from different victims.

Identify the type of identity theft Adam has performed.

  1. Medical identity theft
  2. Synthetic identity theft
  3. Tax identity theft
  4. Social identity theft

Answer(s): B


Reference:

https://www.forbes.com/advisor/credit-score/what-is-synthetic-fraud/#:~:text=Synthetic%20fraud% 20is%20a%20complex,to%20create%20a%20false%20identity



Tibson works as an incident responder for MNC based in Singapore. He is investigating a web application security incident recently faced by the company. The attack is performed on a MS SQL Server hosted by the company. In the detection and analysis phase, he used regular expressions to analyze and detect SQL meta- characters that led to SQL injection attack.

Identify the regular expression used by Tibson to detect SQL injection attack on MS SQL Server.

  1. ((\.|%2E)(\.|%2E)(\/|%2F|\\|%5C))
  2. ((\.\.\\)|(\.\.\/)
  3. /exec(\s|\+)+(s|x)p\w+/ix
  4. ((\%3C)|)

Answer(s): B



Alice is a disgruntled employee of an organization. She decided to acquire critical information of the organization for some financial benefit. In order to achieve this, she started running a virtual machine on the same physical host as the victim's virtual machine and took advantage of shared physical resources (processor cache) to steal data (cryptographic key/plain text secrets) from the victim machine.

Identify the type of attack Alice is performing in the above scenario.

  1. Man-in-the-cloud attack
  2. Side channel attack
  3. SQL injection attack
  4. Service hijacking

Answer(s): B


Reference:

https://arxiv.org/abs/1606.01356



Viewing page 4 of 53



Post your Comments and Discuss EC-Council 212-89 exam prep with other Community members:

212-89 Exam Discussions & Posts