212-89 Exam Question 101

Sameer, part of the incident response team, is alerted that several employees unknowingly entered credentials on a fake login page after receiving a spoofed internal notification. The domain name used in the attack had subtle character changes. What kind of unauthorized access incident did this attack begin with?
  • 212-89 Exam Question 102

    A global retail enterprise operating across multiple e-commerce platforms and physical locations has recently been targeted by a well-orchestrated cyberattack that disrupted transaction processing systems and led to a temporary shutdown of online services. Following the incident, customer confidence dropped, and the board demanded immediate corrective and preventive measures to strengthen cybersecurity resilience. The Chief Information Security Officer (CISO) directed the incident response team to establish a forward-looking approach that not only mitigates such incidents but also ensures that all stakeholders are trained in advance.
    This includes defining clear roles and responsibilities, creating and training a dedicated response team, conducting simulation exercises, reviewing existing IR tools, auditing organizational assets, and developing a comprehensive set of policies and playbooks. Which phase of the IH&R process should the organization focus on to achieve this?
  • 212-89 Exam Question 103

    After a recent upgrade, users of Trend Spot encountered slow website load times. Analysis revealed attackers flooding the application with fake search requests, causing an application-layer DoS attack. How should Trend Spot primarily respond?
  • 212-89 Exam Question 104

    Which of the following GPG18 and Forensic readiness planning (SPF) principles states that "organizations should adopt a scenario based Forensic Readiness Planning approach that learns from experience gained within the business"?
  • 212-89 Exam Question 105

    Jason, a cybersecurity analyst in the incident response team, begins investigating several complaints from employees who received emails urgently requesting wire transfers to an overseas account. The emails appeared to come from the company's CEO, using a tone of authority and pressure to bypass standard procedures. Upon closer inspection, Jason identifies that the sender's email address includes a minor alteration in the domain name-a form of domain spoofing. He examines the email headers, confirms the falsified sender identity, and cross-checks with the actual CEO's activity logs to ensure there was no internal compromise. Immediately, Jason blocks the sender's IP address at the firewall level, alerts the finance department to prevent any unauthorized transactions, and issues a company-wide advisory about the impersonation attempt. What type of phishing is Jason handling?