212-89 Practice Test

What command does a Digital Forensic Examiner use to display the list of all IP addresses and their associated MAC addresses on a victim computer to identify the machines that were communicating with it:

A.

“arp” command

B.

“netstat –an” command

C.

“dd” command

D.

“ifconfig” command

A US Federal agency network was the target of a DoS attack that prevented and impaired the normal
authorized functionality of the networks. According to agency’s reporting timeframe guidelines, this incident
should be reported within two (2) HOURS of discovery/detection if the successful attack is still ongoing and
the agency is unable to successfully mitigate the activity. Which incident category of the US Federal Agency
does this incident belong to?

A.

CAT 5

B.

CAT 1

C.

CAT 2

D.

CAT 6

CSIRT can be implemented at:

A.

Internal enterprise level

B.

National, government and military level

C.

Vendor level

D.

All the above

In which of the steps of NIST’s risk assessment methodology are the boundary of the IT system, along with the resources and the information that constitute the system identified?

A.

Likelihood Determination

B.

Control recommendation

C.

System characterization

D.

Control analysis

The main feature offered by PGP Desktop Email is:

A.

Email service during incidents

B.

End-to-end email communications

C.

End-to-end secure email service

D.

None of the above