212-89 Exam Details

  • Exam Code
    :212-89
  • Exam Name
    :EC Council Certified Incident Handler (ECIH v3)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :232 Q&As
  • Last Updated
    :Jul 15, 2026

EC-COUNCIL 212-89 Online Questions & Answers

  • Question 181:

    Which category of insider threat involves individuals whose credentials are stolen and misused by external attackers?

    A. Malicious insider
    B. Professional insider
    C. Negligent insider
    D. Compromised insider

  • Question 182:

    QualTech Solutions is a leading security services enterprise. Dickson works as an incident responder with this firm. He is performing vulnerability assessment to identify the security problems in the network, using automated tools to identify the hosts, services, and vulnerabilities present in the enterprise network. Based on the above scenario, identify the type of vulnerability assessment performed by Dickson.

    A. Internal assessment
    B. Active assessment
    C. Passive assessment
    D. External assessment

  • Question 183:

    James is working as an incident responder at CyberSol Inc. The management instructed James to investigate a cybersecurity incident that recently happened in the company. As a part of the investigation process, James started collecting volatile information from a system running on Windows operating system. Which of the following commands helps James in determining all the executable files for running processes?

    A. cate A and. time ,/t
    B. netstat -ab
    C. top
    D. doskey/history

  • Question 184:

    A US Federal Agency network was the target of a DoS attack that prevented and impaired the normal authorized functionality of the networks. According to agency's reporting timeframe guidelines, this incident should be reported within 2 h of discovery/detection if the successful attack is still ongoing and the agency is unable to successfully mitigate the activity. Which incident category of US Federal Agency does this incident belong to?

    A. CAT 6
    B. CAT 2
    C. CAT 1
    D. CAT 5

  • Question 185:

    Preventing the incident from spreading and limiting the scope of the incident is known as:

    A. Incident Eradication
    B. Incident Protection
    C. Incident Containment
    D. Incident Classification

  • Question 186:

    Which of the following risk management processes identifies the risks, estimates the impact, and determines sources to recommend proper mitigation measures?

    A. Risk assessment
    B. Risk assumption
    C. Risk mitigation
    D. Risk avoidance

  • Question 187:

    An organization named Sam Morison Inc. decided to use cloud-based services to reduce the cost of their maintenance. They first identified various risks and threats associated with cloud .. adoption and migrating critical business data to third-party systems. Hence, the organization decided to deploy cloud-based security tools to prevent upcoming threats. Which of the following tools would help the organization to secure cloud resources and services?

    A. Nmap
    B. Alert Logic
    C. Burp Suite
    D. Wireshark

  • Question 188:

    Which of the following is an Inappropriate usage incident?

    A. Access-control attack
    B. Reconnaissance attack
    C. Insider threat
    D. Denial-of-service attack

  • Question 189:

    Which of the following types of digital evidence is temporarily stored in a digital device that requires constant power supply and is deleted if the power supply is interrupted?

    A. Slack space
    B. Process memory
    C. Event logs
    D. Swap file

  • Question 190:

    Which one of the following is Inappropriate Usage Incidents?

    A. Insider Threat
    B. Reconnaissance Attack
    C. Access Control Attack
    D. Denial of Service Attack

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 212-89 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.