212-89 Actual Exam Questions

Last updated on Dec. 30, 2024.
Vendor: ECCouncil
Exam Code: 212-89
Exam Name: EC-Council Certified Incident Handler
Exam Questions: 163
 

Topic 1 - Single Topic

Question #1 Topic 1

Which of the following terms may be defined as "a measure of possible inability to achieve a goal, objective, or target within a defined security, cost plan and technical limitations that adversely affects the organization's operation and revenues"?

  • A. Risk
  • B. Vulnerability
  • C. Threat
  • D. Incident Response

Correct Answer: A

Question #2 Topic 1

A Distributed Denial of Service (DDoS) attack is a more common type of DoS attack, where a single system is targeted by a large number of infected machines over the Internet. In a DDoS attack, attackers first infect multiple systems which are known as:

  • A. Trojans
  • B. Zombies
  • C. Spyware
  • D. Worms

Correct Answer: B

Question #3 Topic 1

The goal of incident response is to handle the incident in a way that minimizes damage and reduces recovery time and cost. Which of the following does NOT constitute a goal of incident response?

  • A. Dealing with human resources department and various employee conflict behaviors.
  • B. Using information gathered during incident handling to prepare for handling future incidents in a better way and to provide stronger protection for systems and data.
  • C. Helping personnel to recover quickly and efficiently from security incidents, minimizing loss or theft and disruption of services.
  • D. Dealing properly with legal issues that may arise during incidents.

Correct Answer: A

Question #4 Topic 1

An organization faced an information security incident where a disgruntled employee passed sensitive access control information to a competitor. The organization's incident response manager, upon investigation, found that the incident must be handled within a few hours on the same day to maintain business continuity and market competitiveness. How would you categorize such an information security incident?

  • A. High level incident
  • B. Middle level incident
  • C. Ultra-High level incident
  • D. Low level incident

Correct Answer: B
