212-89 Exam Question 76
Alex is an incident handler for Tech-o-Tech Inc. and is tasked to identify any possible insider threats within his organization. Which of the following insider threat detection techniques can be used by Alex to detect insider threats based on the behavior of a suspicious employee, both individually and in a group?
212-89 Exam Question 77
A multinational corporation with a diverse computing environment experiences a sophisticated malware attack targeting its endpoint devices. The malware is designed to evade traditional antivirus solutions and establish a persistent backdoor for data exfiltration. This incident underscores the complex landscape of endpoint security and the evolving threat vectors. In this context, what is the most critical reason for establishing a robust endpoint security incident handling and response capability?
212-89 Exam Question 78
A US Federal Agency network was the target of a DoS attack that prevented and impaired the normal authorized functionality of the networks. According to agency's reporting timeframe guidelines, this incident should be reported within 2 h of discovery/detection if the successful attack is still ongoing and the agency is unable to successfully mitigate the activity.
Which incident category of US Federal Agency does this incident belong to?
Which incident category of US Federal Agency does this incident belong to?
212-89 Exam Question 79
Shally, an incident handler, is working for a company named Texas Pvt. Ltd. based in Florida. She was asked to work on an incident response plan. As part of the plan, she decided to enhance and improve the security infrastructure of the enterprise. She has incorporated a security strategy that allows security professionals to use several protection layers throughout their information system. Due to multiple layer protection, this security strategy assists in preventing direct attacks against the organization's information system as a break in one layer only leads the attacker to the next layer.
Identify the security strategy Shally has incorporated in the incident response plan.
Identify the security strategy Shally has incorporated in the incident response plan.
212-89 Exam Question 80
In the lead-up to a major product launch, a technology company reviews its endpoint security strategy to safeguard intellectual property. What is the most essential element to incorporate into their incident response strategy for endpoints?
