Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 212-89

Free EC-Council 212-89 Exam Questions (page: 7)

Page 7 of 53
PDF with 258 Questions

Rinni is an incident handler and she is performing memory dump analysis.

Which of following tools she can use in order to perform memory dump analysis?

  1. Scylla and OllyDumpEx
  2. OllyDbg and IDA Pro
  3. Procmon and ProcessExplorer
  4. iNetSim

Answer(s): A


Reference:

https://ccdcoe.org/uploads/2020/07/Malware-Reverse-Engineering-Handbook-final.pdf



Which of the following terms refers to an organization's ability to make optimal use of digital evidence in a limited period of time and with minimal investigation costs?

  1. Threat assessment
  2. Risk assessment
  3. Forensic readiness
  4. Data analysis

Answer(s): C


Reference:

https://info-savvy.com/what-is-forensics-readiness/#:~:text=Forensics%20Readiness%20refers% 20to%20an,and%20with%20minimal%20investigation%20costs



Chandler is a professional hacker who is targeting Technote organization. He wants to obtain important organizational information that is being transmitted between different hierarchies. In the process, he is sniffing the data packets transmitted through the network and then analyzing them to gather packet details such as network, ports, protocols, devices, issues in network transmission, and other network specifications.

Which of the following tools Chandler must employ to perform packet analysis?

  1. shARP
  2. Omnipeek
  3. BeEf
  4. IDAPro

Answer(s): B


Reference:

https://mypeek.liveaction.com/elements/mypeek_documentation/manuals/ OmniPeek_GettingStarted.pdf



Smith employs various malware detection techniques to thoroughly examine the network and its systems for suspicious and malicious malware files.

Among all techniques, which one involves analyzing the memory dumps or binary codes for the traces of malware?

  1. Live system
  2. Dynamic analysis
  3. Intrusion analysis
  4. Static analysis

Answer(s): D


Reference:

https://subscription.packtpub.com/book/networking-and-servers/9781788392501/1/ ch01lvl1sec13/4-types-of-malware-analysis



James has been appointed as an incident handling and response (IH&R) team lead and he was assigned to build an IH&R plan along with his own team in the company.

Identify the IH&R process step James is currently working on.

  1. Notification
  2. Recovery
  3. Preparation
  4. Eradication

Answer(s): C


Reference:

https://digitalguardian.com/blog/five-steps-incident-response



Viewing page 7 of 53



Post your Comments and Discuss EC-Council 212-89 exam prep with other Community members:

212-89 Exam Discussions & Posts