212-89 Exam Question 11

Nervous Nat often sends emails with screenshots of what he thinks are serious incidents, but they always turn out to be false positives. Today, he sends another screenshot, suspecting a nation-state attack. As usual, you go through your list of questions, check your resources for information to determine whether the screenshot shows a real attack, and determine the condition of your network. Which step of IR did you just perform?
  • 212-89 Exam Question 12

    A malicious, security-breaking program is disguised as a useful program. Such executable programs, which are installed when a file is opened, allow others to control a user's system. What is this type of program called?
  • 212-89 Exam Question 13

    Daniel, a system administrator, was discovered accessing encrypted project files that had no relevance to his job responsibilities. A security audit revealed that his account had unrestricted access to all file servers, and there were no alerts or enforcement mechanisms in place to block or flag such access. Which countermeasure should have been in place to prevent this abuse?
  • 212-89 Exam Question 14

    NovoMed discovers encrypted data transfers of drug research and participant data to an unknown location and receives an extortion-like message implying the formula may be released. What is the most prudent course of action?
  • 212-89 Exam Question 15

    Francis received a spoof email asking for his bank information. He decided to use a tool to analyze the email headers. Which of the following should he use?