Which of the following are malicious software programs that infect computers and corrupt or delete the data on them?
A. Trojans
B. Spyware
C. Worms
D. Virus
Correct answer: D
Question 2:
Stanley works as an incident responder at a top MNC based in Singapore. He was asked to investigate a cybersecurity incident that recently occurred in the company. While investigating the incident, he collected evidence from the victim systems. He must present this evidence in a clear and comprehensible manner to the members of a jury so that the evidence clarifies the facts and further helps in obtaining an expert opinion on the incident to confirm the investigation process. In the above scenario, which of the following characteristics of the digital evidence did Stanley attempt to preserve?
A. Admissibility
B. Believability
C. Completeness
D. Authenticity
Correct answer: A
Question 3:
An organization's customers are experiencing either slower network communication or unavailability of services. In addition, network administrators are receiving alerts from security tools such as IDS/IPS and firewalls about a possible DoS/DDoS attack. As a result, the organization requests that the incident handling and response (IH&R) team further investigate the incident. The IH&R team decides to use manual techniques to detect the DoS/DDoS attack.
Which of the following commands helps the IH&R team to manually detect a DoS/DDoS attack?
A. netstat -r
B. nbtstat /c
C. netstat -an
D. nbtstat /S
Correct answer: C
Question 4:
The following steps describe the key activities in forensic readiness planning:
1. Train the staff to handle the incident and preserve the evidence
2. Create a special process for documenting the procedure
3. Identify the potential evidence required for an incident
4. Determine the source of the evidence
5. Establish a legal advisory board to guide the investigation process
6. Identify if the incident requires full or formal investigation
7. Establish a policy for securely handling and storing the collected evidence
8. Define a policy that determines the pathway to legally extract electronic evidence with minimal disruption
Identify the correct sequence of steps involved in forensic readiness planning.
A. 3-->4-->8-->7-->6-->1-->2-->5
B. 3-->1-->4-->5-->8-->2-->6-->7
C. 2-->3-->1-->4-->6-->5-->7-->8
D. 1-->2-->3-->4-->5-->6-->7-->8
Correct answer: A
Question 5:
Alex is an incident handler for Tech-o-Tech Inc. and is tasked to identify any possible insider threats within his organization. Which of the following insider threat detection techniques can be used by Alex to detect insider threats based on the behavior of a suspicious employee, both individually and in a group?
A. Physical detection
B. Behavioral analysis
C. Profiling
D. Mole detection
Correct answer: B
Question 6:
James has been appointed as an incident handling and response (IH&R) team lead and he was assigned to build an IH&R plan along with his own team in the company.
Identify the IH&R process step James is currently working on.
A. Preparation
B. Eradication
C. Notification
D. Recovery
Correct answer: A
Question 7:
Ikeo Corp hired an incident response team to assess the enterprise security. As part of the incident handling and response process, the IR team is reviewing the current security policies implemented by the enterprise.
The IR team finds that employees of the organization do not have any restrictions on Internet access: they are allowed to visit any site, download any application, and access a computer or network from a remote location.
Considering this as the main security threat, the IR team plans to change this policy as it can be easily exploited by attackers. Which of the following security policies is the IR team planning to modify?
A. Prudent policy
B. Paranoid policy
C. Promiscuous policy
D. Permissive policy
Correct answer: D
Question 8:
Which of the following is the ECIH phase that involves removing or eliminating the root cause of an incident and closing all attack vectors to prevent similar incidents in the future?
A. Eradication
B. Vulnerability management phase
C. Containment
D. Recovery
Correct answer: A
Question 9:
During the vulnerability assessment phase, the incident responders perform various steps as below:
1. Run vulnerability scans using tools
2. Identify and prioritize vulnerabilities
3. Examine and evaluate physical security
4. Perform OSINT information gathering to validate the vulnerabilities
5. Apply business and technology context to scanner results
6. Check for misconfigurations and human errors
7. Create a vulnerability scan report
Identify the correct sequence of vulnerability assessment steps performed by the incident responders.
A. 4-->1-->2-->3-->6-->5-->7
B. 3-->6-->1-->2-->5-->4-->7
C. 1-->3-->2-->4-->5-->6-->7
D. 2-->1-->4-->7-->5-->6-->3
Correct answer: A
江东** -
It seems this can be done on either a PC or a smartphone, so I feel like this 212-89 text will get me motivated too.