Latest EC-COUNCIL EC Council Certified Incident Handler (ECIH v3) - 212-89 Free Exam Questions
Question 1
During routine monitoring, a cloud-based application hosting provider detects an anomaly suggesting an ongoing DDoS attack targeting one of its hosted applications. The provider's incident response team must quickly mitigate the attack while ensuring minimal service disruption. Which of the following strategies should they prioritize?
Correct answer: B
Question 2
SWA Cloud Services added PKI as one of their cloud security controls. What does PKI stand for?
Correct answer: A
Question 3
Robert is an incident handler working for Xsecurity Inc. One day, his organization faced a massive cyberattack and all the websites related to the organization went offline. Robert was on duty during the incident and was responsible for handling the incident and maintaining business continuity. He immediately restored the web application service with the help of the existing backups.
According to the scenario, which of the following stages of the incident handling and response (IH&R) process did Robert perform?
Correct answer: C
Question 4
Which of the following methods helps incident responders reduce false-positive alert rates and focus on the highest-priority issues, reducing potential risk and corporate liabilities?
Correct answer: A
Question 5
Drake is an incident handler at Dark Cloud Inc. He intends to perform log analysis in order to detect traces of malicious activities within the network infrastructure.
Which of the following tools must Drake employ in order to view logs in real time and identify malware propagation within the network?
Correct answer: C
Question 6
Shiela is working at night as an incident handler. During a shift, servers were affected by a massive cyberattack. After she classified and prioritized the incident, she must report the incident, obtain necessary permissions, and perform other incident response functions. What list should she check to notify other responsible personnel?
Correct answer: A
Question 7
SevTech detected malicious code injected into its client data protection module, with indicators of a nation-state actor. In this high-pressure scenario, what should be SevTech's primary course of action?
Correct answer: C
Question 8
Ikeo Corp hired an incident response team to assess the enterprise security. As part of the incident handling and response process, the IR team is reviewing the current security policies implemented by the enterprise.
The IR team finds that employees of the organization do not have any restrictions on Internet access: they are allowed to visit any site, download any application, and access a computer or network from a remote location.
Considering this as the main security threat, the IR team plans to change this policy as it can be easily exploited by attackers. Which of the following security policies is the IR team planning to modify?
Correct answer: A
Question 9
TechStream, a rising tech start-up, developed an AI-powered chatbot for its clients' websites. Shortly after deployment, users reported receiving malicious links and phishing messages from the chatbot. Preliminary investigation traced the issue to an attacker exploiting the chatbot's AI training module. Which of the following steps would be the most efficient in addressing this vulnerability?
Correct answer: C
Question 10
A large retail company recently migrated its customer data to a public cloud service. Shortly after, they noticed suspicious activities indicating a potential data breach. The incident response team faces multiple challenges due to the cloud's shared responsibility model, including limited access to underlying infrastructure and logs. Which action is most critical for the incident response team to perform first?
Correct answer: C
Question 11
ThetaTec, a global fintech giant, identified that an employee was siphoning off funds using a sophisticated method undetectable by traditional monitoring tools. The firm decided to employ advanced techniques to detect such hidden insider threats. What should be its primary focus?
Correct answer: C
Question 12
An incident handler is analyzing email headers to identify suspicious emails.
Which of the following tools must he/she use in order to accomplish the task?
Correct answer: B
Question 13
A multinational law firm suffered a sophisticated malware attack that encrypted critical legal documents.
During recovery, there is concern that some archived backups may already be compromised. Which recovery-focused action should the organization prioritize to ensure safe restoration?
Correct answer: C
Question 14
An attacker traced out and found the kind of websites a target company/individual is frequently surfing and tested those particular websites to identify any possible vulnerabilities. When the attacker detected vulnerabilities in the website, the attacker started injecting malicious script/code into the web application that can redirect the webpage and download the malware onto the victim's machine. After infecting the vulnerable web application, the attacker waited for the victim to access the infected web application.
Identify the type of attack performed by the attacker.
Correct answer: A

