Free Eccouncil 212-89 Exam Dumps and 212-89 Exam Questions

Question No: 1

MultipleChoice

Which of the following is not a best practice to eliminate the possibility of insider attacks?

Options

ADisable the users from installing unauthorized software or accessing malicious websites using the corporate network

BMonitor employee behaviors and the computer systems used by employees

CImplement secure backup and disaster recovery processes for business continuity

DAlways leave business details over voicemail or email broadcast message

Question No: 2

MultipleChoice

Computer forensics is methodical series of techniques and procedures for gathering evidence from computing equipment, various storage devices and or digital media that can be presented in a course of law in a coherent and meaningful format. Which one of the following is an appropriate flow of steps in the computer forensics process:

Options

AExamination> Analysis > Preparation > Collection > Reporting

BPreparation > Analysis > Collection > Examination > Reporting

CAnalysis > Preparation > Collection > Reporting > Examination

DPreparation > Collection > Examination > Analysis > Reporting

Question No: 3

MultipleChoice

Risk is defined as the probability of the occurrence of an incident. Risk formulation generally begins with the likeliness of an event's occurrence, the harm it may cause and is usually denoted as Risk = (events)X(Probability of occurrence)X?

Options

AMagnitude

BProbability

CConsequences

DSignificance

Question No: 4

MultipleChoice

Incident handling and response steps help you to detect, identify, respond and manage an incident. Which of the following steps focus on limiting the scope and extent of an incident?

Options

AEradication

BContainment

CIdentification

DData collection

Question No: 5

MultipleChoice

Which of the following is an appropriate flow of the incident recovery steps?

Options

ASystem Operation-System Restoration-System Validation-System Monitoring

BSystem Validation-System Operation-System Restoration-System Monitoring

CSystem Restoration-System Monitoring-System Validation-System Operations

DSystem Restoration-System Validation-System Operations-System Monitoring

Question No: 6

MultipleChoice

A computer Risk Policy is a set of ideas to be implemented to overcome the risk associated with computer security incidents. Identify the procedure that is NOT part of the computer risk policy?

Options

AProcedure to identify security funds to hedge risk

BProcedure to monitor the efficiency of security controls

CProcedure for the ongoing training of employees authorized to access the system

DProvisions for continuing support if there is an interruption in the system or if the system crashes

Question No: 7

MultipleChoice

The flow chart gives a view of different roles played by the different personnel of CSIRT. Identify the incident response personnel denoted by A, B, C, D, E, F and G.

Options

AA-Incident Analyst, B- Incident Coordinator, C- Public Relations, D-Administrator, E- Human Resource, F-Constituency, G-Incident Manager

BA- Incident Coordinator, B-Incident Analyst, C- Public Relations, D-Administrator, E- Human Resource, F-Constituency, G-Incident Manager

CA- Incident Coordinator, B- Constituency, C-Administrator, D-Incident Manager, E- Human Resource, F-Incident Analyst, G-Public relations

DA- Incident Manager, B-Incident Analyst, C- Public Relations, D-Administrator, E- Human Resource, F-Constituency, G-Incident Coordinator

Question No: 8

MultipleChoice

Business continuity is defined as the ability of an organization to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault tolerant systems, as well as a solid backup and recovery strategy. Identify the plan which is mandatory part of a business continuity plan?

Options

AForensics Procedure Plan

BBusiness Recovery Plan

CSales and Marketing plan

DNew business strategy plan

Question No: 9

MultipleChoice

An organization faced an information security incident where a disgruntled employee passed sensitive access control information to a competitor. The organization's incident response manager, upon investigation, found that the incident must be handled within a few hours on the same day to maintain business continuity and market competitiveness. How would you categorize such information security incident?

Options

AHigh level incident

BMiddle level incident

CUltra-High level incident

DLow level incident

Question No: 10

MultipleChoice

The goal of incident response is to handle the incident in a way that minimizes damage and reduces recovery time and cost. Which of the following does NOT constitute a goal of incident response?

Options

ADealing with human resources department and various employee conflict behaviors.

BUsing information gathered during incident handling to prepare for handling future incidents in a better way and to provide stronger protection for systems and data.

CHelping personal to recover quickly and efficiently from security incidents, minimizing loss or theft and disruption of services.

DDealing properly with legal issues that may arise during incidents.