DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Latest EC-Council 212-89 Exam Questions for Comprehensive Preparation

SPOTO's EC-Council 212-89 Certified Incident Handler practice questions are the ultimate resource for exam success. These comprehensive exam questions and answers cover all essential topics, providing realistic practice questions and mock exams to simulate the real test environment. Leverage these invaluable exam preparation study materials and exam resources to identify knowledge gaps and reinforce your incident handling skills. With SPOTO's 212-89 practice questions, you'll gain the confidence and expertise necessary to pass successfully. These meticulously crafted exam resources ensure you're fully prepared to demonstrate your mastery in incident handling and response. Ace the EC-Council Certified Incident Handler exam with SPOTO's trusted practice questions.
Take other online exams

Question #1
Which of the following terms may be defined as "a measure of possible inability to achieve a goal, objective, or target within a defined security, cost plan and technical limitations that adversely affects the organization's operation and revenues?
A. isk
B. ulnerability
C. hreat
D. ncident Response
View answer
Correct Answer: A
Question #2
A distributed Denial of Service (DDoS) attack is a more common type of DoS Attack, where a single system is targeted by a large number of infected machines over the Internet. In a DDoS attack, attackers first infect multiple systems which are known as:
A. rojans
B. ombies
C. pyware
D. orms
View answer
Correct Answer: B
Question #3
The goal of incident response is to handle the incident in a way that minimizes damage and reduces recovery time and cost. Which of the following does NOT constitute a goal of incident response?
A. ealing with human resources department and various employee conflict behaviors
B. sing information gathered during incident handling to prepare for handling future incidents in a better way and to provide stronger protection for systems and data
C. elping personal to recover quickly and efficiently from security incidents, minimizing loss or theft and disruption of services
D. ealing properly with legal issues that may arise during incidents
View answer
Correct Answer: A
Question #4
An organization faced an information security incident where a disgruntled employee passed sensitive access control information to a competitor. The organization's incident response manager, upon investigation, found that the incident must be handled within a few hours on the same day to maintain business continuity and market competitiveness. How would you categorize such information security incident?
A. igh level incident
B. iddle level incident
C. ltra-High level incident
D. ow level incident
View answer
Correct Answer: A
Question #5
The sign of incident that may happen in the future is called:
A. A Precursor
B. An Indication
C. A Proactive
D. A Reactive
View answer
Correct Answer: A
Question #6
Incidents such as DDoS that should be handled immediately may be considered as:
A. Level One incident
B. Level Two incident
C. Level Three incident
D. Level Four incident
View answer
Correct Answer: C
Question #7
Total cost of disruption of an incident is the sum of
A. Tangible and Intangible costs
B. Tangible cost only
C. Intangible cost only
D. Level Two and Level Three incidents cost
View answer
Correct Answer: A
Question #8
Incident prioritization must be based on:
A. Potential impact
B. Current damage
C. Criticality of affected systems
D. All the above
View answer
Correct Answer: D
Question #9
An information security incident is
A. Any real or suspected adverse event in relation to the security of computer systems or networks
B. Any event that disrupts normal today"?s business functions
C. Any event that breaches the availability of information assets
D. All of the above
View answer
Correct Answer: D
Question #10
Which of the following can be considered synonymous:
A. Hazard and Threat
B. Threat and Threat Agent
C. Precaution and countermeasure
D. Vulnerability and Danger
View answer
Correct Answer: A
Question #11
If the loss anticipated is greater than the agreed upon threshold; the organization will:
A. Accept the risk
B. Mitigate the risk
C. Accept the risk but after management approval
D. Do nothing
View answer
Correct Answer: B
Question #12
A payroll system has a vulnerability that cannot be exploited by current technology. Which of the following is correct about this scenario:
A. The risk must be urgently mitigated
B. The risk must be transferred immediately
C. The risk is not present at this time
D. The risk is accepted
View answer
Correct Answer: C
Question #13
Overall Likelihood rating of a Threat to Exploit a Vulnerability is driven by :
A. Threat-source motivation and capability
B. Nature of the vulnerability
C. Existence and effectiveness of the current controls
D. All the above
View answer
Correct Answer: D
Question #14
Absorbing minor risks while preparing to respond to major ones is called:
A. Risk Mitigation
B. Risk Transfer
C. Risk Assumption
D. Risk Avoidance
View answer
Correct Answer: C
Question #15
The left over risk after implementing a control is called:
A. Residual risk
B. Unaccepted risk
C. Low risk
D. Critical risk
View answer
Correct Answer: A
Question #16
Adam calculated the total cost of a control to protect 10,000 $ worth of data as 20,000 $. What do you advise Adam to do?
A. Apply the control
B. Not to apply the control
C. Use qualitative risk assessment
D. Use semi-qualitative risk assessment instead
View answer
Correct Answer: B
Question #17
What is correct about Quantitative Risk Analysis:
A. It is Subjective but faster than Qualitative Risk Analysis
B. Easily automated
C. Better than Qualitative Risk Analysis
D. Uses levels and descriptive expressions
View answer
Correct Answer: B
Question #18
Which of the following is a risk assessment tool:
A. Nessus
B. Wireshark
C. CRAMM
D. Nmap
View answer
Correct Answer: C
Question #19
In NIST risk assessment/ methodology; the process of identifying the boundaries of an IT system along with the resources and information that constitute the system is known as:
A. Asset Identification
B. System characterization
C. Asset valuation
D. System classification
View answer
Correct Answer: B

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: