Free 212-89 Exam Dumps

No Installation Required, Instantly Prepare for the 212-89 exam and please click the below link to start the 212-89 Exam Simulator with a real 212-89 practice exam questions.
Use directly our on-line 212-89 exam dumps materials and try our Testing Engine to pass the 212-89 which is always updated.

  • Exam Code: 212-89
  • Exam Title: EC Council Certified Incident Handler (ECIH v2)
  • Vendor: EC-Council
  • Exam Questions: 163
  • Last Updated: December 18th,2024

Question 1

Which of the following may be considered as insider threat(s):

Correct Answer:B

Question 2

One of the goals of CSIRT is to manage security problems by taking a certain approach towards the customers’ security vulnerabilities and by responding effectively to potential information security incidents. Identify the incident response approach that focuses on developing the infrastructure and security processes before the occurrence or detection of an event or any incident:

Correct Answer:C

Question 3

A malware code that infects computer files, corrupts or deletes the data in them and requires a host file to propagate is called:

Correct Answer:C

Question 4

The IDS and IPS system logs indicating an unusual deviation from typical network traffic flows; this is called:

Correct Answer:B

Question 5

An incident recovery plan is a statement of actions that should be taken before, during or after an incident. Identify which of the following is NOT an objective of the incident recovery plan?

Correct Answer:A