212-89 Practice Questions

Sam. an employee of a multinational company, sends emails to third-party organizations with a spoofed email address of his organization. How can you categorize this type of incident?

Ethan, part of the IH&R team, receives a phishing email targeting employees with a link to reset passwords. He hovers over the link and notices a discrepancy between the visible URL and the hyperlink. He cross-verifies the sender’s email structure and subject tone to detect further red flags. Which phishing detection approach is Ethan using?

BadGuy Bob hid files in the slack space, changed the file headers, hid suspicious files in executables, and changed the metadata for all types of files on his hacker laptop. What has he committed?

Stanley works as an incident responder at a top MNC based in Singapore. He was asked to investigate a cybersecurity incident that recently occurred in the company. While investigating the incident, he collected evidence from the victim systems. He must present this evidence in a clear and comprehensible manner to the members of a jury so that the evidence clarifies the facts and further helps in obtaining an expert opinion on the incident to confirm the investigation process. In the above scenario, which of the following characteristics of the digital evidence did Stanley attempt to preserve?

Bonney’s system has been compromised by a gruesome malware.

What is the primary step that is advisable to Bonney in order to contain the malware

incident from spreading?

BetaCorp, a multinational corporation, identified an employee selling company secrets to competitors. BetaCorp wants to prevent such incidents in the future. Which action will be most effective?

A colleague wants to minimize their security responsibility because they are in a small organization. They are evaluating a new application that is offered in different forms. Which form would result in the least amount of responsibility for the colleague?

In the gaming industry, Playverse Ltd. noticed that their latest game had an unauthorized “mod” that allowed players unique abilities. However, this mod was malicious, altering in-game purchases and accessing players’ financial details. Having tools like a real-time game environment scanner and a user-behavior monitor, what’s the best initial approach?

DigitalSoft, a major software development firm, recently discovered unauthorized access to its codebase. The culprit was a disgruntled employee who had been overlooked for a promotion. The company wants to prevent such insider threats in the future. What is the most effective measure it can implement?

Chandler is a professional hacker who is targeting Technote organization. He wants to obtain important organizational information that is being transmitted between

different hierarchies. In the process, he is sniffing the data packets transmitted through the network and then analyzing them to gather packet details such as network, ports,

protocols, devices, issues in network transmission, and other network specifications. Which of the following tools Chandler must employ to perform packet analysis?