During the process of detecting and containing malicious emails, incident responders should examine the originating IP address of the emails. The steps to examine the originating IP address are as follow:
1.
Search for the IP in the WHOIS database
2.
Open the email to trace and find its header
3.
Collect the IP address of the sender from the header of the received mail
4.
Look for the geographic address of the sender in the WHOIS database
Identify the correct sequence of steps to be performed by the incident responders to examine originating IP address of the emails.
A. 4-->1-->2-->3Which type of incident involves unauthorized disclosure of classified organizational information without modifying or destroying the data?
A. Integrity violationEric works as an incident handler at Erinol software systems. He was assigned a task to protect the organization from any kind of DoS/DDoS attacks. Which of the following tools can be used by Eric to achieve his objective?
A. IncapsulaWhich of the following is a type of malicious code or software that appears legitimate but can take control of your computer?
A. Phishing attackFrancis is an incident handler and security expert. He works at MorisonTech Solutions based in Sydney, Australia. He was assigned a task to detect phishing/spam mails for the client organization. Which of the following tools can assist Francis to perform the required task?
A. NetcraftWhich of the following methods help incident responders to reduce the false-positive alert rates and further provide benefits of focusing on topmost priority issues reducing potential risk and corporate liabilities?
A. Threat profilingThe largest number of cyber-attacks are conducted by:
A. InsidersZYX company experienced a DoS/DDoS attack on their network. Upon investigating the incident, they concluded that the attack is an application-layer attack. Which of the following attacks did the attacker use?
A. Slowloris attackAllan performed a reconnaissance attack on his corporate network as part of a red-team activity. He scanned the IP range to find live host IP addresses. What type of technique did he use to exploit the network?
A. DNS foot printingWhich of the following is not a countermeasure to eradicate cloud security incidents?
A. Patch the database vulnerabilities and improve the isolation mechanismNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 212-89 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.