Tag - 212-89 exam

Define a policy that determines the pathway to legally extract electronic evidence with minimal disruption Identify the correct sequence of steps involved in forensic readiness planning.A . 2-->3-->1->4->6->5-->7-->8B . 3-->4-->8->7->6->1-->2-->5C . 3-->1-->4->5->8->2-->6-->7D . 1-->2-->3->4->5->6-->7-->8View AnswerAnswer: B

Which of the following is a standard framework that provides recommendations for implementing information security controls for organizations that initiate, implement, or maintain information security management systems (ISMSs)?A . ISO/IEC27035B . RFC 2196C . PCI DSSD . ISO/IEC27002View AnswerAnswer: D

Patrick is doing a cyber forensic investigation. He is in the process of collecting physical evidence at the crime scene. Which of the following elements he must consider while collecting physical evidence?A . Published nameservers and web application source codeB . DNS information including domain and subdomainsC . Removable media,...

A US Federal Agency network was the target of a DoS attack that prevented and impaired the normal authorized functionality of the networks. According to the agency's reporting timeframe guidelines, this incident should be reported within 2h of discovery/detection if the successful attack is still ongoing and the agency is...

Which of the following risk mitigation strategies involves the execution of controls to reduce the risk factor and bring it to an acceptable level, or accepts the potential risk and continues operating the IT system?A . Risk assumptionB . Risk planningC . Risk transferenceD . Risk avoidanceView AnswerAnswer: A

Which of the following encoding techniques replaces unusual ASCII characters with "%" followed by the character's two-digit ASCII code expressed in hexadecimal?A . Unicode encodingB . URL encodingC . HTML encodingD . Base 64 encodingView AnswerAnswer: B

Which of the following tools helps incident handlers to view the filesystem, retrieve deleted data, perform timeline analysis, web art facts, etc., during an incident response process?A . Process ExplorerB . nbtstatC . AutopsyD . netstatView AnswerAnswer: C

Marley was asked by his incident handing and response (IH&R) team lead to collect volatile data such as system information and network information present in the registries, cache, and RAM of victim's system. Identify the data acquisition method Marley must employ to collect volatile data.A . Live data acquisitionB ....

Rose is an incident-handler and is responsible for detecting and eliminating any kind of scanning attempts over the network by malicious threat actors. Rose uses Wire shark to sniff the network and detect any malicious activities going on. Which of the following Wireshark filters can be used by her to...

Eve is an incident handler in ABC organization. One day, she got a complaint about an email hacking incident from one of the employees of the organization. As a part of incident handling and response process, she must follow a number of recovery steps in order to recover from the...