Arabella, a forensic officer, documented all the evidence related to the case in a standard forensic investigation report template. She filled different sections of the report covering all the details of the crime along with the daily progress of the investigation process.In which of the following sections of the forensic investigation report did Arabella record the "nature of the claim and information provided to the officers"?

Evaluation and analysis process

Shawn, a forensic officer, was appointed to investigate a crime scene that had occurred at a coffee shop. As a part of investigation, Shawn collected the mobile device from the victim, which may contain potential evidence to identify the culprits.Which of the following points must Shawn follow while preserving the digital evidence? (Choose three.)

Turn the device ON if it is OFF

Do not leave the device as it is if it is ON

Make sure that the device is charged

Never record the screen display of the device

Turn the device ON if it is OFF

Do not leave the device as it is if it is ON

Make sure that the device is charged

Nicolas, a computer science student, decided to create a guest OS on his laptop for different lab operations. He adopted a virtualization approach in which the guest OS will not be aware that it is running in a virtualized environment. The virtual machine manager (VMM) will directly interact with the computer hardware, translate commands to binary instructions, and forward them to the host OS.Which of the following virtualization approaches has Nicolas adopted in the above scenario?

Hardware-assisted virtualization

You are Harris working for a web development company. You have been assigned to perform a task for vulnerability assessment on the given IP address 20.20.10.26. Select the vulnerability that may affect the website according to the severity factor.Hint: Greenbone web credentials: admin/password

FTP Unencrypted Cleartext Login

ECCouncil 212-82 Practice Test 2 - Free Online Exam Prep & Questions

Question 1 / 40

The IH&R team in an organization was handling a recent malware attack on one of the hosts connected to the organization's network. Edwin, a member of the IH&R team, was involved in reinstating lost data from the backup medi a. Before performing this step, Edwin ensured that the backup does not have any traces of malware.

Identify the IH&R step performed by Edwin in the above scenario.

Eradication

Incident containment

Notification

Recovery

Comment (0)

Suggested answer: D

Explanation:

Recovery is the IH&R step performed by Edwin in the above scenario. IH&R (Incident Handling and

Response) is a process that involves identifying, analyzing, containing, eradicating, recovering from, and reporting on security incidents that affect an organization's network or system. Recovery is the IH&R step that involves restoring the normal operation of the system or network after eradicating the incident. Recovery can include reinstating lost data from the backup media, applying patches or updates, reconfiguring settings, testing functionality, etc. Recovery also involves ensuring that the backup does not have any traces of malware or compromise . Eradication is the IH&R step that involves removing all traces of the incident from the system or network, such as malware, backdoors, compromised files, etc. Incident containment is the IH&R step that involves implementing appropriate measures to stop the infection from spreading to other organizational assets and to prevent further damage to the organization. Notification is the IH&R step that involves informing relevant stakeholders, authorities, or customers about the incident and its impact.

asked 18/09/2024

Thiago B

45 questions

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40

ECCouncil 212-82 Practice Test 2

Question

ECCouncil 212-82 Practice Tests

Practice Tests