2025 DumpsCafe ECCouncil-212-89


Web: www.dumpscafe.com

Email: support@dumpscafe.com

IMPORTANT NOTICE

Feedback

We have developed a quality product and state-of-the-art service to protect our customers' interests. If you have any suggestions, please feel free to contact us at feedback@dumpscafe.com

Support

If you have any questions about our product, please contact us at support@dumpscafe.com and provide the following items: exam code, screenshot of the question, login id/email. Our technical experts will provide support within 24 hours.

Copyright

The product of each order has its own encryption code, so you should use it independently. Any unauthorized changes will inflict legal punishment. We reserve the right of final explanation for this statement.

Question #:1

Smith employs various malware detection techniques to thoroughly examine the network and its systems for suspicious and malicious malware files. Among all techniques, which one involves analyzing the memory dumps or binary codes for the traces of malware?

A. Live system

B. Dynamic analysis

C. Intrusion analysis

D. Static analysis

Answer: D

Question #:2

After a recent email attack, Harry is analyzing the incident to obtain important information related to the incident. While investigating the incident, he is trying to extract information such as sender identity, mail server, sender’s IP address, location, and so on.

Which of the following tools must Harry use to perform this task?

A. Clamwin

B. Logly

C. Yesware

D. Sharp

Answer: C

Question #:3

Which of the following is an attack that attempts to prevent the use of systems, networks, or applications by the intended users?

A. Denial of service (DoS) attack

B. Fraud and theft

C. Unauthorized access

D. Malicious code or insider threat attack

Answer: A

Question #:4

Your manager hands you several items of digital evidence and asks you to investigate them in the order of volatility. Which of the following is the MOST volatile?

A. Cache

B. Disk

C. Emails

D. Temp files

Answer: A

Question #:5

Which of the following best describes an email issued as an attack medium, in which several messages are sent to a mailbox to cause overflow?

A. Email-bombing

B. Masquerading

C. Spoofing

D. Smurf attack

Answer: A

Question #:6

John is a professional hacker who is performing an attack on the target organization where he tries to redirect the connection between the IP address and its target server such that when the users type in the Internet address, it redirects them to a rogue website that resembles the original website. He tries this attack using cache poisoning technique. Identify the type of attack John is performing on the target organization.

A. War driving

B. Pharming

C. Skimming

D. Pretexting

Answer: B

Question #:7

XYZ Inc. was affected by a malware attack and James, being the incident handling and response (IH&R) team personnel handling the incident, found out that the root cause of the incident is a backdoor that has bypassed the security perimeter due to an existing vulnerability in the deployed firewall. James had contained the spread of the infection and removed the malware completely. Now the organization asked him to perform incident impact assessment to identify the impact of the incident over the organization and he was also asked to prepare a detailed report of the incident.

Which of the following stages in IH&R process is James working on?

A. Notification

B. Evidence gathering and forensics analysis

C. Post-incident activities

D. Eradication

Answer: C

Question #:8

Patrick is doing a cyber forensic investigation. He is in the process of collecting physical evidence at the crime scene.

Which of the following elements must he consider while collecting physical evidence?

A. Open ports, services, and operating system (OS) vulnerabilities

B. DNS information including domain and subdomains

C. Published name servers and web application source code

D. Removable media, cable, and publications

Answer: D

Question #:9

Identify the network security incident where intended or authorized users are prevented from using systems, networks, or applications by flooding the network with a high volume of traffic that consumes all existing network resources.

A. XSS attack

B. Denial-of-service

C. URL manipulation

D. SQL injection

Answer: B

Question #:10

Mike is an incident handler for PNP Infosystems Inc. One day, there was a ticket submitted regarding a critical incident and Mike was assigned to handle the incident. During the process of incident handling, at one stage, he performed incident analysis and validation to check whether the incident is a genuine incident or a false positive.

Identify the stage he is currently in.

A. Post-incident activities

B. Incident disclosure

C. Incident recording and assignment

D. Incident triage

Answer: D


About dumpscafe.com

dumpscafe.com was founded in 2007. We provide the latest, high-quality IT / Business Certification Training Exam Questions, Study Guides, and Practice Tests.

We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on.

We prepare state-of-the-art practice tests for certification exams. You can reach us at any of the email addresses listed below.

Sales: sales@dumpscafe.com

Feedback: feedback@dumpscafe.com

Support: support@dumpscafe.com

If you have any problems with IT certification or our products, you can write to us and we will get back to you within 24 hours.
