212-89 Exam Question 16

Which of the following options describes common characteristics of phishing emails?
  • 212-89 Exam Question 17

    Elena, a first responder at a multinational firm, receives multiple reports from employees claiming they were asked to update their payroll information through an email that appears to be from HR. The email includes a URL directing users to a login page identical to the company's intranet but hosted on an unfamiliar domain.
    Elena immediately informs the IH&R team, preserves the email headers, captures screenshots of the spoofed page, and blocks the domain at the network level. What type of email security incident is Elena handling?
  • 212-89 Exam Question 18

    An international insurance provider observed a sharp rise in endpoint infections across geographically dispersed offices. The IR team correlated the infections with recent access to a series of trusted informational websites visited during routine research activities. After cross-referencing network telemetry and endpoint logs, analysts uncovered that these sites had been covertly altered by threat actors to include obfuscated scripts that launched on page render. Upon visiting the tampered content, a series of exploit chains were executed, targeting unpatched vulnerabilities in rendering engines of commonly used client applications. The malicious code was injected directly into volatile memory, allowing the payload to operate stealthily without initiating file creation events or prompting user interaction. Security tools failed to detect the compromise in real time due to the absence of conventional indicators such as user-triggered executions or external file transfers. Which web-based malware delivery technique is MOST consistent with the described attack?
  • 212-89 Exam Question 19

    Zaimasoft, a prominent IT organization, was attacked by perpetrators who directly targeted the hardware and caused irreversible damage to the hardware. In result, replacing or reinstalling the hardware was the only solution.
    Identify the type of denial-of-service attack performed on Zaimasoft.
  • 212-89 Exam Question 20

    SafeGuard Inc., a cloud storage company, identified attackers exploiting a Server-Side Request Forgery (SSRF) vulnerability, leading to internal network reconnaissance. Which measure should SafeGuard Inc.
    prioritize to mitigate this vulnerability?