Below are the various steps involved in forensic readiness planning.
1. Keep an incident response team ready to review the incident and preserve the evidence.
2. Create a process for documenting the procedure.
3. Identify the potential evidence required for an incident.
4. Determine the sources of evidence.
5. Establish a legal advisory board to guide the investigation process.
6. Identify if the incident requires full or formal investigation.
7. Establish a policy for securely handling and storing the collected evidence.
8. Define a policy that determines the pathway to legally extract electronic evidence with minimal disruption.
Identify the correct sequence of steps involved in forensic readiness planning.
Jessica, a user, wanted to access the Internet from her laptop and therefore sent a connection request to the access point. To identify the wireless client, the access point forwarded that request to a RADIUS server. The RADIUS server transmitted authentication keys to both the access point and Jessica's laptop. This key helps the access point identify a particular wireless client.
Identify the authentication method demonstrated in the above scenario.
Mary was surfing the Internet, and she wanted to hide her details and the content she was surfing over the web. She employed a proxy tool that makes her online activity untraceable.
Identify the type of proxy employed by John in the above scenario.
Bob has secretly installed smart CCTV devices (IoT devices) outside his home and wants to access the recorded data from a remote location. These smart CCTV devices send sensed data to an intermediate device that carries out pre-processing of data online before transmitting it to the cloud for storage and analysis. The analyzed data is then sent to Bob for initiating actions.
Identify the component of IoT architecture that collects data from IoT devices and performs data preprocessing.
Stella, a mobile user, often ignores the messages received from the manufacturer for updates. One day, she found that files on her device were being replaced, and she immediately rushed to the nearest service center for inquiry. They tested the device and identified vulnerabilities in it, as it ran an obsolete OS version.
Identify the mobile device security risk raised on Stella's device in the above scenario.
Mark, an attacker, aims to access an organization's internal server, but the local firewall implementation restricted him from achieving this objective. To overcome this issue, he started sending specially crafted requests to the public server, through which he gained access to the local server.
Identify the type of attack initiated by Mark in the above scenario.
Which of the following practices makes web applications vulnerable to SQL injection attacks?
Jack, a forensic investigator, was appointed to investigate a Windows-based security incident. In this process, he employed the Autopsy tool to recover the deleted files from unallocated space, which helps in gathering potential evidence.
Which of the following functions of Autopsy helped Jack recover the deleted files?
Below is the syntax of a command-line utility that displays active TCP connections and ports on which the computer is listening.
netstat [-a] [-e] [-n] [-o] [-p Protocol] [-r] [-s] [interval]
Identify the netstat parameter that displays active TCP connections and includes the process ID (PID) for each connection.
Kane, an investigation specialist, was appointed to investigate an incident in an organization’s network. In this process, Kane executed a command and identified that a network interface was running in promiscuous mode and was allowing all incoming packets without any restriction.
In the above scenario, which of the following commands did Kane use to check whether the network interface is set to promiscuous mode?