0% found this document useful (0 votes)

116 views4 pages

212 89 Questions

Uploaded by

teketamiru

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

116 views4 pages

212 89 Questions

Uploaded by

teketamiru

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 4

Eccouncil

212-89 Exam
EC Council Certified Incident Handler (ECIH v2) Exam

Questions & Answers

Demo
Version: 8.0
Question: 1

Which of the following terms may be defined as “a measure of possible inability to achieve a goal,
objective, or target within a defined security, cost plan and technical limitations that adversely
affects the organization’s operation and revenues?

A. Risk
B. Vulnerability
C. Threat
D. Incident Response

Answer: A

Question: 2

A distributed Denial of Service (DDoS) attack is a more common type of DoS Attack, where a single
system is targeted by a large number of infected machines over the Internet. In a DDoS attack,
attackers first infect multiple systems which are known as:

A. Trojans
B. Zombies
C. Spyware
D. Worms

Answer: B

Question: 3

The goal of incident response is to handle the incident in a way that minimizes damage and reduces
recovery time and cost. Which of the following does NOT constitute a goal of incident response?

A. Dealing with human resources department and various employee conflict behaviors.
B. Using information gathered during incident handling to prepare for handling future incidents in a
better way and to provide stronger protection for systems and data.
C. Helping personal to recover quickly and efficiently from security incidents, minimizing loss or theft
and disruption of services.
D. Dealing properly with legal issues that may arise during incidents.

Answer: A

Question: 4

An organization faced an information security incident where a disgruntled employee passed

sensitive access control information to a competitor. The organization’s incident response manager,
upon investigation, found that the incident must be handled within a few hours on the same day to
maintain business continuity and market competitiveness. How would you categorize such
information security incident?

A. High level incident

B. Middle level incident
C. Ultra-High level incident
D. Low level incident

Answer: A

Question: 5

Business continuity is defined as the ability of an organization to continue to function even after a
disastrous event, accomplished through the deployment of redundant hardware and software, the
use of fault tolerant systems, as well as a solid backup and recovery strategy. Identify the plan which
is mandatory part of a business continuity plan?

A. Forensics Procedure Plan

B. Business Recovery Plan
C. Sales and Marketing plan
D. New business strategy plan

Answer: B

Question: 6

The flow chart gives a view of different roles played by the different personnel of CSIRT. Identify the
incident response personnel denoted by A, B, C, D, E, F and G.

A. A-Incident Analyst, B- Incident Coordinator, C- Public Relations, D-Administrator, E- Human

Resource, F-Constituency, G-Incident Manager
B. A- Incident Coordinator, B-Incident Analyst, C- Public Relations, D-Administrator, E- Human
Resource, F-Constituency, G-Incident Manager
C. A- Incident Coordinator, B- Constituency, C-Administrator, D-Incident Manager, E- Human
Resource, F-Incident Analyst, G-Public relations
D. A- Incident Manager, B-Incident Analyst, C- Public Relations, D-Administrator, E- Human Resource,
F-Constituency, G-Incident Coordinator
Answer: C

Question: 7

Which of the following is an appropriate flow of the incident recovery steps?

A. System Operation-System Restoration-System Validation-System Monitoring

B. System Validation-System Operation-System Restoration-System Monitoring
C. System Restoration-System Monitoring-System Validation-System Operations
D. System Restoration-System Validation-System Operations-System Monitoring

Answer: D

Question: 8

A computer Risk Policy is a set of ideas to be implemented to overcome the risk associated with
computer security incidents. Identify the procedure that is NOT part of the computer risk policy?

A. Procedure to identify security funds to hedge risk

B. Procedure to monitor the efficiency of security controls
C. Procedure for the ongoing training of employees authorized to access the system
D. Provisions for continuing support if there is an interruption in the system or if the system crashes

Answer: C

Question: 9

Identify the network security incident where intended authorized users are prevented from using
system, network, or applications by flooding the network with high volume of traffic that consumes
all existing network resources.

A. URL Manipulation
B. XSS Attack
C. SQL Injection
D. Denial of Service Attack

Answer: D

Question: 10

Incident handling and response steps help you to detect, identify, respond and manage an incident.
Which of the following steps focus on limiting the scope and extent of an incident?

A. Eradication
B. Containment
C. Identification
D. Data collection

Answer: B

ECIH V2 Dumps
No ratings yet
ECIH V2 Dumps
131 pages
Lab 8
No ratings yet
Lab 8
3 pages
Security Incident Handling Guide
100% (2)
Security Incident Handling Guide
3 pages
Website: Vce To PDF Converter: Facebook: Twitter:: 212-89.vceplus - Premium.Exam.163Q
No ratings yet
Website: Vce To PDF Converter: Facebook: Twitter:: 212-89.vceplus - Premium.Exam.163Q
44 pages
CGRC Dumps Demo
No ratings yet
CGRC Dumps Demo
20 pages
28.4.13 Lab - Incident Handling
No ratings yet
28.4.13 Lab - Incident Handling
3 pages
(Sea) TTCX VCP 2024
No ratings yet
(Sea) TTCX VCP 2024
43 pages
Case Study TMĐT
No ratings yet
Case Study TMĐT
10 pages
Test 1
No ratings yet
Test 1
12 pages
EC-Council Computer Incident Handler Exam by DFAT1
No ratings yet
EC-Council Computer Incident Handler Exam by DFAT1
17 pages
ECIH v2 Exam Questions & Answers
100% (1)
ECIH v2 Exam Questions & Answers
32 pages
Cybersecurity Incident Response Guide
No ratings yet
Cybersecurity Incident Response Guide
53 pages
AWR-169-W - Module 1
No ratings yet
AWR-169-W - Module 1
13 pages
Incident Response Best Practices
No ratings yet
Incident Response Best Practices
21 pages
Module 28 Incident Response
No ratings yet
Module 28 Incident Response
30 pages
Incident Handling Exercise Guide
No ratings yet
Incident Handling Exercise Guide
5 pages
IH Dumps Global
No ratings yet
IH Dumps Global
30 pages
Comptia Ucertify cs0-002 Exam Prep 2021-Apr-06 by Mick 79q Vce
0% (1)
Comptia Ucertify cs0-002 Exam Prep 2021-Apr-06 by Mick 79q Vce
19 pages
Incident and Disaster Management MCQS
No ratings yet
Incident and Disaster Management MCQS
24 pages
SR - CR Examples-WSjkku
No ratings yet
SR - CR Examples-WSjkku
14 pages
212-89 Exam: Certified Incident Handler Q&A
No ratings yet
212-89 Exam: Certified Incident Handler Q&A
4 pages
28.4.13 Lab - Incident Handling - ILM
No ratings yet
28.4.13 Lab - Incident Handling - ILM
4 pages
Microsoft Strategy for Executives
No ratings yet
Microsoft Strategy for Executives
11 pages
Latihan Manrisk
No ratings yet
Latihan Manrisk
10 pages
Uce 61q Vce
No ratings yet
Uce 61q Vce
17 pages
Incident Response Officer Question
No ratings yet
Incident Response Officer Question
6 pages
CISM Model Questions
0% (1)
CISM Model Questions
12 pages
Isc Chapter 2
No ratings yet
Isc Chapter 2
19 pages
End User License Agreement: State of
No ratings yet
End User License Agreement: State of
4 pages
212 89 Demo
No ratings yet
212 89 Demo
5 pages
Pass4Test: IT Certification Guaranteed, The Easy Way!
No ratings yet
Pass4Test: IT Certification Guaranteed, The Easy Way!
7 pages
Ebook No. 1 - Introduction To ChatGPT
100% (4)
Ebook No. 1 - Introduction To ChatGPT
52 pages
Chapter 2 - Incident Response, Business Continuity & Disaster Recovery Concepts Quiz
No ratings yet
Chapter 2 - Incident Response, Business Continuity & Disaster Recovery Concepts Quiz
9 pages
Become An Azure Administrator Libro I
100% (1)
Become An Azure Administrator Libro I
86 pages
Lecture 06 - Incident Management and SOC
No ratings yet
Lecture 06 - Incident Management and SOC
35 pages
Lecture 3
No ratings yet
Lecture 3
29 pages
ENTERPRISE RESOURCE PLANNING - Preeti
No ratings yet
ENTERPRISE RESOURCE PLANNING - Preeti
11 pages
SAP BI: Comprehensive Introduction
No ratings yet
SAP BI: Comprehensive Introduction
13 pages
Incident Management Operations: 37. Conduct Post-Incident Reviews To Facilitate Continuous Improvement
No ratings yet
Incident Management Operations: 37. Conduct Post-Incident Reviews To Facilitate Continuous Improvement
41 pages
Lab15 Iao
No ratings yet
Lab15 Iao
3 pages
Cybersecurity Incident Management
No ratings yet
Cybersecurity Incident Management
12 pages
Certified Information Security Manager (CISM) - Mock Exam
No ratings yet
Certified Information Security Manager (CISM) - Mock Exam
10 pages
Software Quality Metrics Capers Jones 120607
No ratings yet
Software Quality Metrics Capers Jones 120607
19 pages
ePROVIDE Online Distribution Guide v7
No ratings yet
ePROVIDE Online Distribution Guide v7
11 pages
Risks of Digital Banking
No ratings yet
Risks of Digital Banking
3 pages
Ismp 1-0
No ratings yet
Ismp 1-0
13 pages
Data Engineering 100-Day Plan
No ratings yet
Data Engineering 100-Day Plan
6 pages
Amit em
No ratings yet
Amit em
3 pages
Exam Dump Ecih 2021
No ratings yet
Exam Dump Ecih 2021
57 pages
Security Analyst Exam Prep Questions
No ratings yet
Security Analyst Exam Prep Questions
149 pages
STS Advance User Manual
No ratings yet
STS Advance User Manual
37 pages
ProjectWise Connect Edition User Guide
No ratings yet
ProjectWise Connect Edition User Guide
18 pages
Smart Video Solutions for Business
No ratings yet
Smart Video Solutions for Business
32 pages
IRTD Unit 1 Answers
No ratings yet
IRTD Unit 1 Answers
25 pages
Update S+ 601
No ratings yet
Update S+ 601
94 pages
Week 6 Quiz Incident Handling and Response (10452.B1)
No ratings yet
Week 6 Quiz Incident Handling and Response (10452.B1)
9 pages
Business Analytics and Decision Making
No ratings yet
Business Analytics and Decision Making
47 pages
Week 7 Quiz Incident Handling and Response (10452.B1)
No ratings yet
Week 7 Quiz Incident Handling and Response (10452.B1)
10 pages
Incident Response & Business Continuity
No ratings yet
Incident Response & Business Continuity
8 pages
ccs367 Storagetechnologiesquestionbank 240703092521 1be9c4cd
No ratings yet
ccs367 Storagetechnologiesquestionbank 240703092521 1be9c4cd
25 pages
Week 1 Quiz Incident Handling and Response (32133.B2)
No ratings yet
Week 1 Quiz Incident Handling and Response (32133.B2)
10 pages
Diptimayee Sahoo-Resume-Data Analyst (Word)
No ratings yet
Diptimayee Sahoo-Resume-Data Analyst (Word)
2 pages
212 89 Demo
0% (1)
212 89 Demo
8 pages
Quiz 2
No ratings yet
Quiz 2
4 pages
Logical Reasoning - DPP 02 - MBA Elite 2024
No ratings yet
Logical Reasoning - DPP 02 - MBA Elite 2024
25 pages
Ec Council Lead2pass 212 89 Study Guide 2024 Oct 23 by Alger 70q
No ratings yet
Ec Council Lead2pass 212 89 Study Guide 2024 Oct 23 by Alger 70q
9 pages
Ec Council Passleader 212 89 Brain Dumps 2024 Jul 11 by Buck 52q
No ratings yet
Ec Council Passleader 212 89 Brain Dumps 2024 Jul 11 by Buck 52q
11 pages
ASIS-CPP Certified Protection Professional Practice Questions
No ratings yet
ASIS-CPP Certified Protection Professional Practice Questions
8 pages
MALAPOTE - 28.4.13 Lab - Incident Handling
No ratings yet
MALAPOTE - 28.4.13 Lab - Incident Handling
3 pages
CSIRM - Assignment - 1 - Solved
No ratings yet
CSIRM - Assignment - 1 - Solved
17 pages
25 MCQs On The Topic-Incidece Managemetn
No ratings yet
25 MCQs On The Topic-Incidece Managemetn
12 pages
SAP S4HANA Case Study 1
No ratings yet
SAP S4HANA Case Study 1
4 pages
CISM
No ratings yet
CISM
5 pages
Training SharePoint Online Management and Administration (55370AC)
No ratings yet
Training SharePoint Online Management and Administration (55370AC)
4 pages
N11231 Indiko Analyzers Brochure en
No ratings yet
N11231 Indiko Analyzers Brochure en
8 pages
Inf 403
No ratings yet
Inf 403
20 pages
CS0 003 31 40
No ratings yet
CS0 003 31 40
10 pages
Eccouncil 212-89 Exam Questions: - Preparation Discussions
No ratings yet
Eccouncil 212-89 Exam Questions: - Preparation Discussions
8 pages
Inbound Process EWM SAP
No ratings yet
Inbound Process EWM SAP
32 pages
28.4.13 Lab - Incident Handling - ILM
No ratings yet
28.4.13 Lab - Incident Handling - ILM
6 pages
Cisco Renewals Manager
No ratings yet
Cisco Renewals Manager
7 pages
Ec Council - Passguide.212 89.rapidshare.2022 Nov 26.by - Roderick.127q.vce
No ratings yet
Ec Council - Passguide.212 89.rapidshare.2022 Nov 26.by - Roderick.127q.vce
13 pages
Nitesh Verma Review - 2025
No ratings yet
Nitesh Verma Review - 2025
7 pages
OS WK 12
No ratings yet
OS WK 12
5 pages
What Are STEP Files and How Do You Open Them - Adobe
No ratings yet
What Are STEP Files and How Do You Open Them - Adobe
1 page
Soal Ujian Hari Ini
No ratings yet
Soal Ujian Hari Ini
1 page
Domain 4 Questions
No ratings yet
Domain 4 Questions
60 pages