Free Access EC-COUNCIL.212-89.v2024-04-20.q127 Practice Test (Page 24)

Question 111

During the vulnerability assessment phase, the incident responders perform various steps as below:
1. Run vulnerability scans using tools
2. Identify and prioritize vulnerabilities
3. Examine and evaluate physical security
4. Perform OSINT information gathering to validate the vulnerabilities
5. Apply business and technology context to scanner results
6. Check for misconfigurations and human errors
7. Create a vulnerability scan report
Identify the correct sequence of vulnerability assessment steps performed by the incident responders.

A.2-->1-->4->7->5->6-->3

B.4-->1-->2->3->6->5-->7

C.3-->6-->1->2->5->4-->7

D.1-->3-->2->4->5->6-->7

Question 112

Which of the following is NOT one of the common techniques used to detect Insider threats:

A.Observing employee sick leaves

B.Spotting conflicts with supervisors and coworkers

C.Observing employee tardiness and unexplained absenteeism

D.Spotting an increase in their performance

Question 113

Which of the following does NOT reduce the success rate of SQL injection?

A.Close unnecessary application services and ports on the server.

B.Limit the length of the input field.

C.Automatically lock a user account at era predefined number of invalid login attempts within a predefined interval

D.Constrain legitimate characters to exclude special characters.

Question 114

Quantitative risk is the numerical determination of the probability of an adverse event and the extent of the
losses due to the event. Quantitative risk is calculated as:

A.Significant Risks X Probability of Loss X Loss

B.(Loss) / (Probability of Loss)

C.(Probability of Loss) / (Loss)

D.(Probability of Loss) X (Loss)

Question 115

Zaimasoft, a prominent IT organization, was attacked by perpetrators who directly targeted the hardware and caused irreversible damage to the hardware. In result, replacing or reinstalling the hardware was the only solution. Identify the type of denial-of-service attack performed on Zaimasoft.

A.PDoS

B.DDoS

C.DoS

D.DRDoS

Other Version: 4210EC-COUNCIL.212-89.v2025-07-10.q180; 6211EC-COUNCIL.212-89.v2024-10-25.q169; 1924EC-COUNCIL.212-89.v2022-12-15.q119; 1619EC-COUNCIL.212-89.v2022-06-28.q74; 2090EC-COUNCIL.212-89.v2022-01-31.q80; 88EC-COUNCIL.Pass4surecert.212-89.v2021-09-13.by.hamiltion.74q.pdf

Latest Upload: 201PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 298Nokia.4A0-113.v2026-05-01.q69; 255EC-COUNCIL.312-49v11.v2026-04-30.q214; 228Microsoft.MB-820.v2026-04-30.q101; 211Salesforce.MC-202.v2026-04-30.q57; 206BICSI.INSTC_V8.v2026-04-29.q53; 335NMLS.MLO.v2026-04-28.q82; 243NCARB.Project-Management.v2026-04-28.q27; 462EMC.D-AV-DY-23.v2026-04-27.q184; 1116ServiceNow.CSA.v2026-04-27.q483

Question 111

Question 112

Question 113

Question 114

Question 115

Download PDF File