212-89

James is working as an incident responder at Cyber Sol Inc. The management instructed James to investigate a cybersecurity incident that recently happened in the company. As a part of the investigation process, James started collecting volatile information from a system running on Windows operating system. Which of the following...

Policies are designed to protect the organizational resources on the network by establishing the set rules and procedures. Which of the following policies authorizes a group of users to perform a set of actions on a set of resources?A . Access control policyB . Audit trail policyC . Logging policyD...

In a qualitative risk analysis, risk is calculated in terms of:A . (Attack Success + Criticality) C(Countermeasures)B . Asset criticality assessment C (Risks and Associated Risk Levels)C . Probability of Loss X LossD . (Countermeasures + Magnitude of Impact) C (Reports from prior risk assessments)View AnswerAnswer: C

An incident recovery plan is a statement of actions that should be taken before, during or after an incident. Identify which of the following is NOT an objective of the incident recovery plan?A . Creating new business processes to maintain profitability after incidentB . Providing a standard for testing the...

Identify the malicious program that is masked as a genuine harmless program and gives the attacker unrestricted access to the user’s information and system. These programs may unleash dangerous programs that may erase the unsuspecting user’s disk and send the victim’s credit card numbers and passwords to a stranger.A ....

Alexis is working as an incident responder in XYZ organization. She was asked to identify and attribute the actors behind an attack that took place recently. In order to do so, she is performing threat attribution that deals with the identification of the specific person, society, or country sponsoring a...

Risk is defined as the probability of the occurrence of an incident. Risk formulation generally begins with the likeliness of an event’s occurrence, the harm it may cause and is usually denoted as Risk = ∑(events)X (Probability of occurrence) X?A . MagnitudeB . ProbabilityC . ConsequencesD . SignificanceView AnswerAnswer: A

Which of the following GPG 18 and Forensic readiness planning(SPF) principles states that “organizations should adopt a scenario based Forensic Readiness Planning approach that learns from experience gained within the business"?A . Principle 2B . Principle 5C . Principle 3D . Principle 7View AnswerAnswer: B

In the Control Analysis stage of the NIST’s risk assessment methodology, technical and none technical control methods are classified into two categories. What are these two control categories?A . Preventive and Detective controlsB . Detective and Disguised controlsC . Predictive and Detective controlsD . Preventive and predictive controlsView AnswerAnswer: A

Multiple component incidents consist of a combination of two or more attacks in a system. Which of the following is not a multiple component incident?A . An insider intentionally deleting files from a workstationB . An attacker redirecting user to a malicious website and infects his system with TrojanC ....