212-89 Exam Question 26

BadGuy Bob hid files in the slack space, changed the file headers, hid suspicious files in executables, and changed the metadata for all types of files on his hacker laptop. What has he committed?
  • 212-89 Exam Question 27

    OmegaTech Corp identified unauthorized remote access to its primary server and data exfiltration tunnels.
    Simultaneously, IoT device firmware corruption was reported. As the first responder, what should Olivia prioritize?
  • 212-89 Exam Question 28

    Which of the following techniques helps incident handlers to detect man-in-the-middle attack by finding the new APs and trying to connect an already established channel, even if the spoofed AP consists similar IP and MAC addresses as of the original AP?
  • 212-89 Exam Question 29

    Logan, an incident handler, ensures the chain of custody is documented while handling backup media post- attack. The goal is to preserve evidence integrity while restoring critical systems. Which recovery principle is Logan adhering to?
  • 212-89 Exam Question 30

    During the vulnerability assessment phase, the incident responders perform various steps as below:
    1. Run vulnerability scans using tools
    2. Identify and prioritize vulnerabilities
    3. Examine and evaluate physical security
    4. Perform OSINT information gathering to validate the vulnerabilities
    5. Apply business and technology context to scanner results
    6. Check for misconfigurations and human errors
    7. Create a vulnerability scan report
    Identify the correct sequence of vulnerability assessment steps performed by the incident responders.