[Q70-Q86] Free Sample Questions to Practice 212-89 Certification Test Engine [Feb-2023]

Share

Free Sample Questions to Practice 212-89 Certification Test Engine [Feb-2023]

2023 Valid 212-89 Real Exam Questions, practice ECIH Certification


Breaking down Test Details

The ECIH 212-89 exam is offered at the ECC Exam Center. It is a 3-hour long exam that brings a maximum of 100 items. It should be stated that this test is restricted to learners above 18 years of age. Also, the EC-Council has the mandate to revoke your certificate if you obtain it through unscrupulous means or fail to comply with the exam policies as stated in the official handbook. Finally, scheduling this test costs $450 for all interested candidates.


EC-COUNCIL 212-89 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Handling and Responding to Network Security Incidents
  • Handling and Responding to Malware Incidents
Topic 2
  • Handling and Responding to Web Application Security Incidents
  • Introduction to Incident Handling and Response
Topic 3
  • Handling and Responding to Email Security Incidents
Topic 4
  • Handling and Responding to Cloud Security Incidents
  • Incident Handling and Response Process
Topic 5
  • Handling and Responding to Insider Threats
  • Forensic Readiness and First Response

 

NEW QUESTION 70
One of your coworkers just sent you an email. She wonders if it is real, a part of your phishing campaign, a real phishing attack, or a mistake. One of the things you want to know is where the email originated from.
Where would you check in the email message to find that information?

  • A. The user's received report
  • B. Email headers
  • C. Email's received report
  • D. Inbox digest

Answer: B

 

NEW QUESTION 71
Which policy recommends controls for securing and tracking organizational resources:

  • A. Administrative security policy
  • B. Acceptable use policy
  • C. Access control policy
  • D. Asset control policy

Answer: D

Explanation:
Explanation/Reference:

 

NEW QUESTION 72
Dash wants to perform a DoS attack over 256 target URLs simultaneously.
Which of the following tools can Dash employ to achieve his objective?

  • A. HOIC
  • B. Open VAS
  • C. Ollydbg
  • D. IDA Pro

Answer: A

 

NEW QUESTION 73
A US Federal Agency network was the target of a DoS attack that prevented and impaired the normal authorized functionality of the networks. According to the agency's reporting timeframe guidelines, this incident should be reported within 2h of discovery/detection if the successful attack is still ongoing and the agency is unable to successfully mitigate the activity.
Which incident category of US Federal Agency does this incident belong to?

  • A. CAT 5
  • B. CAT 2
  • C. CAT 1
  • D. CAT 6

Answer: B

 

NEW QUESTION 74
An adversary attacks the information resources to gain undue advantage is called:

  • A. Offensive Information Warfare
  • B. Electronic Warfare
  • C. Defensive Information Warfare
  • D. Conventional Warfare

Answer: A

 

NEW QUESTION 75
John is a professional hacker who is performing an attack on the target organization where he tries to redirect the connection between the IP address and its target server such that when the users type in the Internet address, it redirects them to a rogue website that resembles the original website. He tries this attack using cache poisoning technique.
Identify the type of attack John is performing on the target organization.

  • A. Pharming
  • B. Skimming
  • C. War driving
  • D. Pre texting

Answer: A

 

NEW QUESTION 76
John is performing a memory dump analysis in order to find traces of malware. He has employed Volatility tool in order to achieve his objective.
Which of the following volatility framework command she will use in order to analyze the running process from the memory dump?

  • A. python vol.py hivelist-prof le=Win2008SP1x86 -f/root Desktop/memdump.mem
  • B. python vol.py imageinfo -f/root/Desktop/memdump.mem
  • C. python vol.py pslist-profile=Win2008SP1x86 -f/root/Desktop/memdump.mem
  • D. python vol.py svcscan--profile=Win2008SP1x86 -f/root/Desktop/memdump.mem | more

Answer: C

 

NEW QUESTION 77
Which of the following is NOT a digital forensic analysis tool:

  • A. Access Data FTK
  • B. Helix
  • C. Guidance Software EnCase Forensic
  • D. EAR/ Pilar

Answer: D

 

NEW QUESTION 78
Business continuity is defined as the ability of an organization to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault tolerant systems, as well as a solid backup and recovery strategy. Identify the plan which is mandatory part of a business continuity plan?

  • A. Forensics Procedure Plan
  • B. New business strategy plan
  • C. Sales and Marketing plan
  • D. Business Recovery Plan

Answer: D

 

NEW QUESTION 79
Sam received an alert through an email monitoring tool indicating that their company was targeted by a phishing attack. After analyzing the incident, Sam identified that most of the targets of the attack are high-prof le executives of the company.
What type of phishing attack is this?

  • A. Spear phishing
  • B. Pharming
  • C. Puddle phishing
  • D. Whaling

Answer: D

 

NEW QUESTION 80
Incident management team provides support to all users in the organization that are affected by the threat or
attack. The organization's internal auditor is part of the incident response team. Identify one of the
responsibilities of the internal auditor as part of the incident response team:

  • A. Identify and report security loopholes to the management for necessary actions
  • B. Coordinate incident containment activities with the information security officer
  • C. Configure information security controls
  • D. Perform necessary action to block the network traffic from suspected intruder

Answer: A

 

NEW QUESTION 81
An incident handler is analyzing email headers to uncover suspicious emails.
Which of the following tools would he/she use in order to accomplish this task?

  • A. Mx Toolbox
  • B. Barracuda Email Security Gateway
  • C. Go phish
  • D. SPAMfighter

Answer: A

 

NEW QUESTION 82
Which among the following CERTs is an Internet provider to higher education institutions and various other research institutions in the Netherlands and deals with all cases related to computer security incidents in which a customer is involved either as a victim or as a suspect?

  • A. SURFnet-CERT
  • B. DFN-CERT
  • C. NET-CERT
  • D. Funet CERT

Answer: A

 

NEW QUESTION 83
A malicious security-breaking code that is disguised as any useful program that installs an executable programs when a file is opened and allows others to control the victim's system is called:

  • A. Worm
  • B. Trojan
  • C. Virus
  • D. RootKit

Answer: B

 

NEW QUESTION 84
Incident handling and response steps help you to detect, identify, respond and manage an incident. Which of
the following steps focus on limiting the scope and extent of an incident?

  • A. Identification
  • B. Data collection
  • C. Eradication
  • D. Containment

Answer: D

 

NEW QUESTION 85
Insiders understand corporate business functions. What is the correct sequence of activities performed by Insiders to damage company assets:

  • A. Activate malware, gain privileged access then install malware
  • B. Install malware, gain privileged access, then activate
  • C. Gain privileged access, activate and install malware
  • D. Gain privileged access, install malware then activate

Answer: D

 

NEW QUESTION 86
......

Genuine 212-89 Exam Dumps Free Demo Valid QA's: https://www.itpassleader.com/EC-COUNCIL/212-89-dumps-pass-exam.html

Latest Success Metrics For Actual 212-89 Exam (Updated 205 Questions): https://drive.google.com/open?id=1O2-BEsBj5CI7cyUeaoO-tx_zLFe88ZNf

0
0
0
0