212-89 EC-Council Exam Questions and Free Practice Test

Question 31

Incident handling and response steps help you to detect, identify, respond and manage an incident. Which of the following helps in recognizing and separating the infected hosts from the information system?

A. Configuring firewall to default settings

B. Inspecting the process running on the system

C. Browsing particular government websites

D. Sending mails to only group of friends

Correct Answer:B

Question 32

Identify a standard national process which establishes a set of activities, general tasks and a management structure to certify and accredit systems that will maintain the information assurance (IA) and security posture of a system or site.

A. NIASAP

B. NIAAAP

C. NIPACP

D. NIACAP

Correct Answer:D

Question 33

Lack of forensic readiness may result in:

A. Loss of clients thereby damaging the organization’s reputation

B. System downtime

C. Data manipulation, deletion, and theft

D. All the above

Correct Answer:D

Question 34

A Host is infected by worms that propagates through a vulnerable service; the sign(s) of the presence of the worm include:

A. Decrease in network usage

B. Established connection attempts targeted at the vulnerable services

C. System becomes instable or crashes

D. All the above

Correct Answer:C

Question 35

An active vulnerability scanner featuring high speed discovery, configuration auditing, asset profiling, sensitive data discovery, and vulnerability analysis is called:

A. Nessus

B. CyberCop

C. EtherApe

D. nmap

Correct Answer:A

Question 36

Keyloggers do NOT:

A. Run in the background

B. Alter system files

C. Secretly records URLs visited in browser, keystrokes, chat conversations, ...etc

D. Send log file to attacker’s email or upload it to an ftp server

Correct Answer:B

START 212-89 EXAM