EC-Council 212-89 Exam Questions
EC-Council Certified Incident Handler (Page 4 )

Identify the network security incident where intended or authorized users are prevented from using system, network, or applications by flooding the network with a high volume of traffic that consumes all existing network resources.

Which of the following techniques prevent or mislead incident-handling process and may also affect the collection, preservation, and identification phases of the forensic investigation process?

Adam is an attacker who along with his team launched multiple attacks on target organization for financial benefits. Worried about getting caught, he decided to forge his identity. To do so, he created a new identity by obtaining information from different victims.

Identify the type of identity theft Adam has performed.

Tibson works as an incident responder for MNC based in Singapore. He is investigating a web application security incident recently faced by the company. The attack is performed on a MS SQL Server hosted by the company. In the detection and analysis phase, he used regular expressions to analyze and detect SQL meta- characters that led to SQL injection attack.

Identify the regular expression used by Tibson to detect SQL injection attack on MS SQL Server.

Alice is a disgruntled employee of an organization. She decided to acquire critical information of the organization for some financial benefit. In order to achieve this, she started running a virtual machine on the same physical host as the victim's virtual machine and took advantage of shared physical resources (processor cache) to steal data (cryptographic key/plain text secrets) from the victim machine.

Identify the type of attack Alice is performing in the above scenario.