EC-COUNCIL EC Council Certified Incident Handler (ECIH v3) - 212-89무료 덤프문제 풀어보기
Who is mainly responsible for providing proper network services and handling network-related incidents in all the cloud service models?
정답: D
설명: (Fast2test 회원만 볼 수 있음)
Which of the following does NOT reduce the success rate of SQL injection?
정답: B
설명: (Fast2test 회원만 볼 수 있음)
Farheen is an incident responder at reputed IT Firm based in Florida. Farheen was asked to investigate a recent cybercrime faced by the organization. As part of this process, she collected static data from a victim system. She used DD tool command to perform forensic duplication to obtain an NTFS image of the original disk. She created a sector-by-sector mirror imaging of the disk and saved the output image file as image.dd.
Identify the static data collection process step performed by Farheen while collecting static data.
Identify the static data collection process step performed by Farheen while collecting static data.
정답: A
설명: (Fast2test 회원만 볼 수 있음)
James is a professional hacker and is employed by an organization to exploit their cloud services. In order to achieve this, James created anonymous access to the cloud services to carry out various attacks such as password and key cracking, hosting malicious data, and DDoS attacks. Which of the following threats is he posing to the cloud platform?
정답: C
설명: (Fast2test 회원만 볼 수 있음)
BadGuy Bob hid files in the slack space, changed the file headers, hid suspicious files in executables, and changed the metadata for all types of files on his hacker laptop. What has he committed?
정답: D
설명: (Fast2test 회원만 볼 수 있음)
Dash wants to perform a DoS attack over 256 target URLs simultaneously.
Which of the following tools can Dash employ to achieve his objective?
Which of the following tools can Dash employ to achieve his objective?
정답: A
설명: (Fast2test 회원만 볼 수 있음)
During a routine security audit, an executive's mobile device began exhibiting signs of compromise, including frequent crashes, unrecognized applications, and abnormal data consumption. The organization's IR team conducted multiple antivirus scans and attempted standard malware removal procedures, but the threat continued to persist. Further investigation suggested that the malware was embedded in a background service configured to reinitialize upon reboot. Concerned about the potential risk of data exfiltration or further infection, the team decided to isolate the device and initiate a tailored eradication strategy to remove the threat without activating it. Which eradication step is most appropriate in this situation?
정답: A
설명: (Fast2test 회원만 볼 수 있음)
During an internal audit following a surge in unauthorized financial transactions, a multinational investment firm's IR team uncovers evidence of an orchestrated campaign targeting senior staff. The attackers had pieced together fragments of sensitive data by mining executive digital footprints, reviewing online publications, and analyzing company-related mentions on external platforms. Later, they engaged directly with employees under fabricated personas, conducting scripted interviews to extract missing identifiers. With the assembled profile data, the adversaries submitted diversion requests for financial correspondence and used these to impersonate executives and execute fraudulent transfers. Forensic analysis revealed no signs of malware infection or system-level compromise. Which technique best aligns with the adversary's method of obtaining the initial sensitive information?
정답: A
설명: (Fast2test 회원만 볼 수 있음)
Jason is setting up a computer forensics lab and must perform the following steps: 1. physical location and structural design considerations; 2. planning and budgeting; 3. work area considerations; 4. physical security recommendations; 5. forensic lab licensing; 6. human resource considerations. Arrange these steps in the order of execution.
정답: C
설명: (Fast2test 회원만 볼 수 있음)
Bonney's system has been compromised by a gruesome malware.
What is the primary step that is advisable to Bonney in order to contain the malware incident from spreading?
What is the primary step that is advisable to Bonney in order to contain the malware incident from spreading?
정답: B
설명: (Fast2test 회원만 볼 수 있음)
Which of the following GPG18 and Forensic readiness planning (SPF) principles states that "organizations should adopt a scenario based Forensic Readiness Planning approach that learns from experience gained within the business"?
정답: B
설명: (Fast2test 회원만 볼 수 있음)
Rose is an incident-handling person and she is responsible for detecting and eliminating any kind of scanning attempts over the network by any malicious threat actors. Rose uses Wireshark tool to sniff the network and detect any malicious activities going on.
Which of the following Wireshark filters can be used by her to detect TCP Xmas scan attempt by the attacker?
Which of the following Wireshark filters can be used by her to detect TCP Xmas scan attempt by the attacker?
정답: C
설명: (Fast2test 회원만 볼 수 있음)
Daniel, a SOC analyst, detects multiple incoming TCP requests to the organization's mail server from different IPs. However, none of the requests complete the handshake. He suspects a potential attempt to exhaust server resources and confirms this with netstat logs. Which type of protocol-level incident is Daniel identifying?
정답: A
설명: (Fast2test 회원만 볼 수 있음)
For analyzing the system, the browser data can be used to access various credentials.
Which of the following tools is used to analyze the history data files in Microsoft Edge browser?
Which of the following tools is used to analyze the history data files in Microsoft Edge browser?
정답: A
설명: (Fast2test 회원만 볼 수 있음)