Free EC-Council 212-89 Exam Questions (page: 6)

Alex is an incident handler for Tech-o-Tech Inc., and he intends to identify any possible insider threats in his organization.

Which of the following insider threat detection techniques can he use to detect insider threats based on the behavior of a suspicious employee, both individually and in a group?

  A. Mole detection
  B. Physical detection
  C. Profiling
  D. Behavioral analysis

Answer(s): D



Which of the following is the correct flow of the stages in an incident handling and response (IH&R) process?

  A. Containment --> Incident recording --> Incident triage --> Preparation --> Recovery --> Eradication --> Post-incident activities
  B. Incident recording --> Preparation --> Containment --> Incident triage --> Recovery --> Eradication --> Post-incident activities
  C. Preparation --> Incident recording --> Incident triage --> Containment --> Eradication --> Recovery --> Post-incident activities
  D. Incident triage --> Eradication --> Containment --> Incident recording --> Preparation --> Recovery --> Post-incident activities

Answer(s): C


Reference:

https://www.cm-alliance.com/cybersecurity-blog/what-are-the-6-phases-in-a-cyber-incident-response-plan



When analyzing a system, browser data can be used to access various credentials.

Which of the following tools is used to analyze the history data files in the Microsoft Edge browser?

  A. MZHistoryView
  B. MZCacheView
  C. ChromeHistoryView
  D. BrowsingHistoryView

Answer(s): D


Reference:

https://www.nirsoft.net/articles/view-edge-history.html



Which of the following information security personnel handles incidents from both a management and a technical point of view?

  A. Threat researchers
  B. Incident manager (IM)
  C. Forensic investigators
  D. Network administrators

Answer(s): B


Reference:

https://www.atlassian.com/incident-management/incident-response/incident-commander#2-why-do-teams-need-an-incident-commander



An attacker traced and identified the kinds of websites a target company/individual frequently visits and tested those particular websites to identify any possible vulnerabilities. When the attacker detected vulnerabilities in a website, the attacker started injecting malicious script/code into the web application that can redirect the webpage and download malware onto the victim's machine. After infecting the vulnerable web application, the attacker waited for the victim to access the infected web application.

Identify the type of attack performed by the attacker.

  A. Watering hole
  B. Directory traversal
  C. Cookie/Session Poisoning
  D. Obfuscation application

Answer(s): A


Reference:

https://en.wikipedia.org/wiki/Watering_hole_attack


