212-89 Exam Details

  • Exam Code
    :212-89
  • Exam Name
    :EC Council Certified Incident Handler (ECIH v3)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :232 Q&As
  • Last Updated
    :

EC-COUNCIL 212-89 Online Questions & Answers

  • Question 211:

    During the process of detecting and containing malicious emails, incident responders should examine the originating IP address of the emails. The steps to examine the originating IP address are as follow:

    1.

    Search for the IP in the WHOIS database

    2.

    Open the email to trace and find its header

    3.

    Collect the IP address of the sender from the header of the received mail

    4.

    Look for the geographic address of the sender in the WHOIS database

    Identify the correct sequence of steps to be performed by the incident responders to examine originating IP address of the emails.

    A. 4-->1-->2-->3
    B. 2-->1-->4-->3
    C. 1-->3-->2-->4
    D. 2-->3-->1-->4

  • Question 212:

    Which type of incident involves unauthorized disclosure of classified organizational information without modifying or destroying the data?

    A. Integrity violation
    B. Availability violation
    C. Confidentiality violation
    D. Authenticity violation

  • Question 213:

    Eric works as an incident handler at Erinol software systems. He was assigned a task to protect the organization from any kind of DoS/DDoS attacks. Which of the following tools can be used by Eric to achieve his objective?

    A. Incapsula
    B. Hydra
    C. IDA
    D. Wireshark

  • Question 214:

    Which of the following is a type of malicious code or software that appears legitimate but can take control of your computer?

    A. Phishing attack
    B. DDoS
    C. Trojan attack
    D. Password attack

  • Question 215:

    Francis is an incident handler and security expert. He works at MorisonTech Solutions based in Sydney, Australia. He was assigned a task to detect phishing/spam mails for the client organization. Which of the following tools can assist Francis to perform the required task?

    A. Netcraft
    B. Nessus
    C. BTCrack
    D. Cain and Abel

  • Question 216:

    Which of the following methods help incident responders to reduce the false-positive alert rates and further provide benefits of focusing on topmost priority issues reducing potential risk and corporate liabilities?

    A. Threat profiling
    B. Threat contextualization
    C. Threat correlation
    D. Threat attribution

  • Question 217:

    The largest number of cyber-attacks are conducted by:

    A. Insiders
    B. Outsiders
    C. Business partners
    D. Suppliers

  • Question 218:

    ZYX company experienced a DoS/DDoS attack on their network. Upon investigating the incident, they concluded that the attack is an application-layer attack. Which of the following attacks did the attacker use?

    A. Slowloris attack
    B. UDP flood attack
    C. SYN flood attack
    D. Ping of ceath

  • Question 219:

    Allan performed a reconnaissance attack on his corporate network as part of a red-team activity. He scanned the IP range to find live host IP addresses. What type of technique did he use to exploit the network?

    A. DNS foot printing
    B. Social engineering
    C. Port scanning
    D. Ping sweeping

  • Question 220:

    Which of the following is not a countermeasure to eradicate cloud security incidents?

    A. Patch the database vulnerabilities and improve the isolation mechanism
    B. Remove the malware files and traces from the affected components
    C. Check for data protection at both design and runtime
    D. Disable security options such as two factor authentication and CAPTCHA

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 212-89 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.