It is faster and easier to pass the EC-Council 212-89 exam by using exact EC-Council Certified Incident Handler (ECIH v2) questions and answers. Get immediate access to the up-to-date 212-89 exam and find the same core-area 212-89 questions with professionally verified answers, then pass your exam with a high score.

Online 212-89 free questions and answers of New Version:

NEW QUESTION 1
Insiders understand corporate business functions. What is the correct sequence of activities performed by insiders to damage company assets?

  • A. Gain privileged access, install malware then activate
  • B. Install malware, gain privileged access, then activate
  • C. Gain privileged access, activate and install malware
  • D. Activate malware, gain privileged access then install malware

Answer: A

NEW QUESTION 2
According to the Fourth Amendment of USA PATRIOT Act of 2001, if a search does NOT violate a person’s “reasonable” or “legitimate” expectation of privacy, then it is considered:

  • A. Constitutional/ Legitimate
  • B. Illegal/ illegitimate
  • C. Unethical
  • D. None of the above

Answer: A

NEW QUESTION 3
A self-replicating malicious code that does not alter files but resides in active memory and duplicates itself, spreads through the infected network automatically and takes advantage of file or information transport features on the system to travel independently is called:

  • A. Trojan
  • B. Worm
  • C. Virus
  • D. RootKit

Answer: B

NEW QUESTION 4
The incident management team provides support to all users in the organization who are affected by the threat or attack. The organization’s internal auditor is part of the incident response team. Identify one of the responsibilities of the internal auditor as part of the incident response team:

  • A. Configure information security controls
  • B. Perform necessary action to block the network traffic from suspected intruder
  • C. Identify and report security loopholes to the management for necessary actions
  • D. Coordinate incident containment activities with the information security officer

Answer: C

NEW QUESTION 5
The open source TCP/IP network intrusion prevention and detection system (IDS/IPS) that uses a rule-driven language and performs real-time traffic analysis and packet logging is known as:

  • A. Snort
  • B. Wireshark
  • C. Nessus
  • D. SAINT

Answer: A

NEW QUESTION 6
The total cost of disruption of an incident is the sum of:

  • A. Tangible and Intangible costs
  • B. Tangible cost only
  • C. Intangible cost only
  • D. Level Two and Level Three incidents cost

Answer: A

NEW QUESTION 7
Adam calculated the total cost of a control to protect $10,000 worth of data as $20,000. What do you advise Adam to do?

  • A. Apply the control
  • B. Not to apply the control
  • C. Use qualitative risk assessment
  • D. Use semi-qualitative risk assessment instead

Answer: B

NEW QUESTION 8
Incident prioritization must be based on:

  • A. Potential impact
  • B. Current damage
  • C. Criticality of affected systems
  • D. All the above

Answer: D

NEW QUESTION 9
The main feature offered by PGP Desktop Email is:

  • A. Email service during incidents
  • B. End-to-end email communications
  • C. End-to-end secure email service
  • D. None of the above

Answer: C

NEW QUESTION 10
What command does a Digital Forensic Examiner use to display the list of all IP addresses and their associated MAC addresses on a victim computer to identify the machines that were communicating with it?

  • A. “arp” command
  • B. “netstat -an” command
  • C. “dd” command
  • D. “ifconfig” command

Answer: A

NEW QUESTION 11
The most common type(s) of intellectual property is(are):

  • A. Copyrights and Trademarks
  • B. Patents
  • C. Industrial design rights & Trade secrets
  • D. All the above

Answer: D

NEW QUESTION 12
A living, high-level document that states in writing a requirement and directions on how an agency plans to protect its information technology assets is called:

  • A. Information security Policy
  • B. Information security Procedure
  • C. Information security Baseline
  • D. Information security Standard

Answer: A

NEW QUESTION 13
The insider risk matrix consists of technical literacy and business process knowledge vectors. Considering the matrix, one can conclude that:

  • A. If the insider’s technical literacy is low and process knowledge is high, the risk posed by the threat will be insignificant.
  • B. If the insider’s technical literacy and process knowledge are high, the risk posed by the threat will be insignificant.
  • C. If the insider’s technical literacy is high and process knowledge is low, the risk posed by the threat will be high.
  • D. If the insider’s technical literacy and process knowledge are high, the risk posed by the threat will be high.

Answer: D

NEW QUESTION 14
Which of the following terms may be defined as “a measure of possible inability to achieve a goal, objective, or target within a defined security, cost plan and technical limitations that adversely affects the organization’s operation and revenues”?

  • A. Risk
  • B. Vulnerability
  • C. Threat
  • D. Incident Response

Answer: A

NEW QUESTION 15
Business Continuity planning includes other plans such as:

  • A. Incident/disaster recovery plan
  • B. Business recovery and resumption plans
  • C. Contingency plan
  • D. All the above

Answer: D

NEW QUESTION 16
A software application in which advertising banners are displayed while the program is running, and which delivers ads displayed in pop-up windows or bars that appear on a computer screen or browser, is called:

  • A. adware (spelled all lower case)
  • B. Trojan
  • C. RootKit
  • D. Virus
  • E. Worm

Answer: A

NEW QUESTION 17
If the anticipated loss is greater than the agreed-upon threshold, the organization will:

  • A. Accept the risk
  • B. Mitigate the risk
  • C. Accept the risk but after management approval
  • D. Do nothing

Answer: B

NEW QUESTION 18
Quantitative risk is the numerical determination of the probability of an adverse event and the extent of the losses due to the event. Quantitative risk is calculated as:

  • A. (Probability of Loss) X (Loss)
  • B. (Loss) / (Probability of Loss)
  • C. (Probability of Loss) / (Loss)
  • D. Significant Risks X Probability of Loss X Loss

Answer: A

NEW QUESTION 19
Business Continuity provides a planning methodology that allows continuity in business operations:

  • A. Before and after a disaster
  • B. Before a disaster
  • C. Before, during and after a disaster
  • D. During and after a disaster

Answer: C

NEW QUESTION 20
Identify a standard national process which establishes a set of activities, general tasks and a management structure to certify and accredit systems that will maintain the information assurance (IA) and security posture of a system or site.

  • A. NIASAP
  • B. NIAAAP
  • C. NIPACP
  • D. NIACAP

Answer: D

100% valid and newest version 212-89 questions and answers shared by Certifytools. Get the full dumps here: https://www.certifytools.com/212-89-exam.html (New 163 Q&As)