212-89 Exam Question 121

Lina, a threat responder, uses the Nuix Adaptive Security tool to analyze alerts of suspicious file uploads. She identifies that an insider used Outlook to send attachments to unknown email addresses during off-hours. The tool captures screenshots, file metadata, and keystroke logs. What type of evidence is Lina primarily relying on?
  • 212-89 Exam Question 122

    Alexis is working as an incident responder in XYZ organization. She was asked to identify and attribute the actors behind an attack that took place recently. In order to do so, she is performing threat attribution that deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target. Which of the following types of threat attributions Alexis performed?
  • 212-89 Exam Question 123

    Allan performed a reconnaissance attack on his corporate network as part of a red-team activity. He scanned the IP range to find live host IP addresses. What type of technique did he use to exploit the network?
  • 212-89 Exam Question 124

    Alice is an incident handler and she has been informed by her lead that the data on affected systems must be backed up so that it can be retrieved if it is damaged during the incident response process. She was also told that the system backup can also be used for further investigation of the incident. In which of the following stages of the incident handling and response (IH&R) process does Alice need to do a complete backup of the infected system?
  • 212-89 Exam Question 125

    Which of the following risk mitigation strategies involves execution of controls to reduce the risk factor and brings it to an acceptable level or accepts the potential risk and continues operating the IT system?