Free Preparation Discussions
MENU
Eccouncil 212-82 Exam Questions
- Topic 1: Information Security Threats and Vulnerabilities: This module is about the concepts related to cybersecurity threats and vulnerabilities.
- Topic 2: Information Security Attacks: In this module, the focus is given to various security attacks and threats and strategies used by attackers.
- Topic 3: Network Security Fundamentals: In this section, concepts discussed relate to the comprehension of security networks.
- Topic 4: Identification, Authentication, Authorization: In this section, focus is given on the identification, Authentication, and Authorization (IAA) to improve access mechanisms to safeguard information.
- Topic 5: Network Security Controls- Administrative Controls: In this section, the focus is given to non-technical rules for ensuring the security of networks.
- Topic 6: Network Security Controls- Physical Controls: This section covers how to secure the physical environment of the entire computer network.
- Topic 7: Network Security Controls: Technical Controls: In this section, the exam covers the aspects of software and hardware that help to safeguard networks.
- Topic 8: Application Security: In this module, the focus is given to the know-how of safeguarding the applications from various attackers.
- Topic 9: Virtualization and Cloud Computing: In this section, topics discussed include the way these tools operate and secure networks.
- Topic 10: Mobile Device Security: This section of the 212-82 exam covers smartphone and gadget security to ensure they are safe from different types of malware.
- Topic 11: IoT and OT Security: In this exam section, the topics covered relate to IoT and OT Security and how to safeguard online IoT) devices and streamline OT from malicious attacks.
- Topic 12: Cryptography: This module covers how to secure data by scrambling it with algorithms and keys.
- Topic 13: Data Security: In this exam section, the focus is given to safeguarding information in transit and data that is utilized.
- Topic 14: Network Troubleshooting: This section of the exam covers the Network Troubleshooting competencies that aim to pinpoint and diagnose various network problems and provide guidance for solving connectivity issues.
- Topic 15: Network Traffic Monitoring: This section of the exam covers techniques to examine information flow through a network to improve its health.
- Topic 16: Networks Log Monitoring and Analysis: This section of the exam covers the analysis of network device logs to mitigate security issues to perform fixes.
- Topic 17: Incident Response: The section deals with using an effective strategy to pinpoint, remove, and recover from security issues.
- Topic 18: Computer Forensics: This section of the exam covers data collection, analysis, and saving of digital evidence to reduce cybersecurity issues.
- Topic 19: Business Continuity and Disaster Recovery: In this section, topics discussed include strategies and policies to ensure smooth operations and how to recover from various disruptions.
- Topic 20: Risk Management: The Risk Management section deals with the knowledge of how to pinpoint, examine, and solve potential cybersecurity threats and manage risks.
Free Eccouncil 212-82 Exam Actual Questions
Note: Premium Questions for 212-82 were last updated On Mar. 21, 2025 (see below)
Hotel Grande offers luxury accommodations and emphasizes top-notch service for its guests. One such service is secure, high-speed Wi-FI access In every room. The hotel wishes to deploy an authentication method that would give individual guests a seamless experience without compromising security. This method should ideally provide a balance between convenience and strong security. Which of the following should Hotel Grande use?
Strong Security:
EAP-TLS provides strong security by using certificate-based authentication. This ensures that both the client and server are authenticated before a connection is established.
Seamless User Experience:
Once the certificates are installed, the authentication process is seamless for the user, providing a balance between strong security and convenience.
Mitigating Risks:
EAP-TLS mitigates risks associated with weaker authentication methods, such as Pre-Shared Keys (PSKs), which can be shared or stolen.
Deployment and Management:
Although initial deployment and certificate management require effort, the long-term security benefits and user convenience outweigh the initial setup challenges.
Given the need for a balance between security and convenience, EAP-TLS is the best authentication method for Hotel Grande's Wi-Fi access.
Jane Is a newly appointed Chief Financial Officer at BigTech Corp. Within a week, she receives an email from a sender posing as the company's CEO. instructing her to make an urgent wire transfer. Suspicious. Jane decides to verify the request's authenticity. She receives another email from the same sender, now attaching a seemingly scanned Image of the CEO's handwritten note. Simultaneously, she gets a call from an 'IT support' representative, instructing her to click on the attached image to download a 'security patch'. Concerned. Jane must determine which social engineering tactics she encountered.
Jane encountered a combination of social engineering tactics:
Spear Phishing:
CEO Impersonation Email: The initial email and the follow-up with the scanned image of the CEO's handwritten note are examples of spear phishing, where attackers target specific individuals with tailored messages to gain their trust and extract sensitive information.
Vishing:
'IT Support' Call: The phone call from the supposed 'IT support' representative asking Jane to download a 'security patch' is a form of vishing (voice phishing). This tactic involves using phone calls to trick victims into revealing sensitive information or performing actions that compromise security.
Social Engineering Techniques: SANS Institute Reading Room
Phishing and Vishing Explained: Norton Security
A disgruntled employee has set up a RAT (Remote Access Trojan) server in one of the machines in the target network to steal sensitive corporate documents. The IP address of the target machine where the RAT is installed is 20.20.10.26. Initiate a remote connection to the target machine from the "Attacker Machine-1" using the Theef client. Locate the "Sensitive Corporate Documents" folder in the target machine's Documents directory and determine the number of files. Mint: Theef folder is located at Z:\CCT-Tools\CCT Module 01 Information Security Threats and Vulnerabilities\Remote Access Trojans (RAT)\Theef of the Attacker Machine1.
The number of files in the ''Sensitive Corporate Documents'' folder is 4. This can be verified by initiating a remote connection to the target machine from the ''Attacker Machine-1'' using Theef client. Theef is a Remote Access Trojan (RAT) that allows an attacker to remotely control a victim's machine and perform various malicious activities. To connect to the target machine using Theef client, one can follow these steps:
Launch Theef client from Z:\CCT-Tools\CCT Module 01 Information Security Threats and Vulnerabilities\Remote Access Trojans (RAT)\Theef on the ''Attacker Machine-1''.
Enter the IP address of the target machine (20.20.10.26) and click on Connect.
Wait for a few seconds until a connection is established and a message box appears saying ''Connection Successful''.
Click on OK to close the message box and access the remote desktop of the target machine.
Navigate to the Documents directory and locate the ''Sensitive Corporate Documents'' folder.
Open the folder and count the number of files in it. The screenshot below shows an example of performing these steps: Reference: [Theef Client Tutorial], [Screenshot of Theef client showing remote desktop and folder]
You have been assigned to perform a vulnerability assessment of a web server located at IP address 20.20.10.26. Identify the vulnerability with a severity score of &
TCP Timestamps is the vulnerability with a severity score of 8.0. This can be verified by performing a vulnerability assessment of the web server located at IP address 20.20.10.26 using the OpenVAS vulnerability scanner, available with the Parrot Security machine, with credentials admin/password. To perform the vulnerability assessment, one can follow these steps:
Launch the Parrot Security machine and open a terminal.
Enter the command sudo openvas-start to start the OpenVAS service and wait for a few minutes until it is ready.
Open a web browser and navigate to https://127.0.0.1:9392 to access the OpenVAS web interface.
Enter the credentials admin/password to log in to OpenVAS.
Click on Scans -> Tasks from the left menu and then click on the blue icon with a star to create a new task.
Enter a name and a comment for the task, such as ''Web Server Scan''.
Select ''Full and fast'' as the scan config from the drop-down menu.
Click on the icon with a star next to Target to create a new target.
Enter a name and a comment for the target, such as ''Web Server''.
Enter 20.20.10.26 as the host in the text box and click on Save.
Select ''Web Server'' as the target from the drop-down menu and click on Save.
Click on the green icon with a play button next to the task name to start the scan and wait for it to finish.
Click on the task name to view the scan report and click on Results from the left menu to see the list of vulnerabilities found.
Sort the list by Severity in descending order and look for the vulnerability with a severity score of 8.0. The screenshot below shows an example of performing these steps: The vulnerability with a severity score of 8.0 is TCP Timestamps, which is an option in TCP packets that can be used to measure round-trip time and improve performance, but it can also reveal information about the system's uptime, clock skew, or TCP sequence numbers, which can be used by attackers to launch various attacks, such as idle scanning, OS fingerprinting, or TCP hijacking1. The vulnerability report provides more details about this vulnerability, such as its description, impact, solution, references, and CVSS score2. Reference: Screenshot of OpenVAS showing TCP Timestamps vulnerability, TCP Timestamps Vulnerability, Vulnerability Report
An loT device placed in a hospital for safety measures has sent an alert to the server. The network traffic has been captured and stored in the Documents folder of the "Attacker Machine-1". Analyze the loTdeviceTraffic.pcapng file and identify the command the loT device sent over the network. (Practical Question)
The loT device sent the command Temp_High over the network, which indicates that the temperature in the hospital was above the threshold level. This can be verified by analyzing the loTdeviceTraffic.pcapng file using a network protocol analyzer tool such as Wireshark4. The command Temp_High can be seen in the data field of the UDP packet sent from the loT device (192.168.0.10) to the server (192.168.0.1) at 12:00:03. The screenshot below shows the packet details5: Reference: Wireshark User's Guide, [loTdeviceTraffic.pcapng]
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Timothy
15 days agoRoosevelt
19 days agoMelvin
1 months agoLatosha
2 months agoAlverta
2 months agoSabina
2 months agoDelsie
2 months agoSheldon
3 months agoHershel
3 months agoLillian
3 months agoLigia
3 months agoRonnie
3 months agoLawana
4 months agoDoyle
4 months agoKing
4 months agoEmeline
4 months agoAlverta
4 months agoTimothy
4 months agoXuan
5 months agoLennie
5 months agoPok
5 months agoDeja
6 months agoRoxanne
6 months agoMaurine
6 months agoTomas
6 months agoCharlie
7 months agoAzalee
7 months agoBarrie
7 months agoJulie
7 months agoGladys
8 months agoShasta
9 months agoGeorgiann
9 months agoAsuncion
9 months agoBernardine
10 months agoAdaline
10 months agoMargurite
10 months agoGladys
11 months ago