212-89 Online Practice Questions and Answers

Questions 4

Policies are designed to protect the organizational resources on the network by establishing a set of rules and procedures. Which of the following policies authorizes a group of users to perform a set of actions on a set of resources?

A. Access control policy

B. Audit trail policy

C. Logging policy

D. Documentation policy

Questions 5

The data on the affected system must be backed up so that it can be retrieved if it is damaged during incident response. The system backup can also be used for further investigations of the incident. Identify the stage of the incident response and handling process in which a complete backup of the infected system is carried out.

A. Containment

B. Eradication

C. Incident recording

D. Incident investigation

Questions 6

A computer virus hoax is a message warning the recipient of a non-existent computer virus. The message is usually a chain e-mail that tells the recipient to forward it to everyone they know. Which of the following is NOT a symptom of a virus hoax message?

A. The message prompts the end user to forward it to his/her e-mail contact list and gain monetary benefits in doing so

B. The message from a known email id is caught by SPAM filters due to a change of filter settings

C. The message warns to delete certain files if the user does not take appropriate action

D. The message prompts the user to install Anti-Virus

Questions 7

Based on some statistics, what is typically the number one incident?

A. Phishing

B. Policy violation

C. Unauthorized access

D. Malware

Questions 8

What is correct about Quantitative Risk Analysis?

A. It is subjective but faster than Qualitative Risk Analysis

B. Easily automated

C. Better than Qualitative Risk Analysis

D. Uses levels and descriptive expressions

Questions 9

In the NIST risk assessment methodology, the process of identifying the boundaries of an IT system along with the resources and information that constitute the system is known as:

A. Asset Identification

B. System characterization

C. Asset valuation

D. System classification

Questions 10

The service organization that provides 24x7 computer security incident response services to any user, company, government agency, or organization is known as:

A. Computer Security Incident Response Team (CSIRT)

B. Security Operations Center (SOC)

C. Digital Forensics Examiner

D. Vulnerability Assessor

Questions 11

The program that helps to train people to be better prepared to respond to emergency situations in their communities is known as:

A. Community Emergency Response Team (CERT)

B. Incident Response Team (IRT)

C. Security Incident Response Team (SIRT)

D. All the above

Questions 12

Common name(s) for CSIRT is (are):

A. Incident Handling Team (IHT)

B. Incident Response Team (IRT)

C. Security Incident Response Team (SIRT)

D. All the above

Questions 13

The free, open-source TCP/IP protocol analyzer, sniffer and packet capturing utility that is standard across many industries and educational institutions is known as:

A. Snort

B. Wireshark

C. Cain and Abel

D. nmap

Questions 14

A host is infected by a worm that propagates through a vulnerable service; the sign(s) of the presence of the worm include:

A. Decrease in network usage

B. Established connection attempts targeted at the vulnerable services

C. System becomes unstable or crashes

D. All the above

Questions 15

The state of incident response preparedness that enables an organization to maximize its potential to use digital evidence while minimizing the cost of an investigation is called:

A. Computer Forensics

B. Digital Forensic Analysis

C. Forensic Readiness

D. Digital Forensic Policy

Questions 16

Which of the following is NOT a digital forensic analysis tool:

A. AccessData FTK

B. EAR/Pilar

C. Guidance Software EnCase Forensic

D. Helix

Questions 17

What command does a Digital Forensic Examiner use to display the list of all IP addresses and their associated MAC addresses on a victim computer to identify the machines that were communicating with it:

A. "arp" command

B. "netstat -an" command

C. "dd" command

D. "ifconfig" command

Questions 18

Business Continuity provides a planning methodology that allows continuity in business operations:

A. Before and after a disaster

B. Before a disaster

C. Before, during and after a disaster

D. During and after a disaster

Exam Code: 212-89
Exam Name: EC-Council Certified Incident Handler
Last Update: Apr 20, 2024
Questions: 163 Q&As
