212-89 Exam Question 81

During a routine security audit, an executive's mobile device began exhibiting signs of compromise, including frequent crashes, unrecognized applications, and abnormal data consumption. The organization's IR team conducted multiple antivirus scans and attempted standard malware removal procedures, but the threat continued to persist. Further investigation suggested that the malware was embedded in a background service configured to reinitialize upon reboot. Concerned about the potential risk of data exfiltration or further infection, the team decided to isolate the device and initiate a tailored eradication strategy to remove the threat without activating it. Which eradication step is most appropriate in this situation?
  • 212-89 Exam Question 82

    SevTech detected malicious code injected into its client data protection module, with indicators of a nation-state actor. In this high-pressure scenario, what should be SevTech's primary course of action?
  • 212-89 Exam Question 83

    In which of the following types of fuzz testing strategies is the new data generated from scratch, with the amount of data to be generated predefined based on the testing model?
  • 212-89 Exam Question 84

    During routine monitoring, a cloud-based application hosting provider detects an anomaly suggesting an ongoing DDoS attack targeting one of its hosted applications. The provider's incident response team must quickly mitigate the attack while ensuring minimal service disruption. Which of the following strategies should they prioritize?
  • 212-89 Exam Question 85

    Francis is an incident handler and security expert. He works at MorisonTech Solutions based in Sydney, Australia. He was assigned a task to detect phishing/spam mails for the client organization.
    Which of the following tools can assist Francis to perform the required task?