Enjoy 15% Discount With Coupon 15off

EC-Council 212-89 EC Council Certified Incident Handler (ECIH v2) Online Training

EC-Council 212-89 EC Council Certified Incident Handler (ECIH v2) Online Training

EC-Council 212-89 Online Training

The questions for 212-89 were last updated at Nov 22,2024.
  • Exam Code: 212-89
  • Exam Name: EC Council Certified Incident Handler (ECIH v2)
  • Certification Provider: EC-Council
  • Latest update: Nov 22,2024
Question #1

Patrick is doing a cyber forensic investigation. He is in the process of collecting physical evidence at the crime scene.

Which of the following elements he must consider while collecting physical evidence?

  • A . Published nameservers and web application source code
  • B . DNS information including domain and subdomains
  • C . Removable media, cable, and publications
  • D . Open ports, services, and operating system (OS) vulnerabilities

Reveal Solution Hide Solution

Question #2

Eric works as a system administrator at ABC organization and previously granted several users with access privileges to the organizations systems with unlimited permissions. These privileged users could prospectively misuse their rights unintentionally, maliciously, or could be deceived by attackers that could trick them to perform malicious activities.

Which of the following guidelines would help incident handlers eradicate insider at tacks by privileged users?

  • A . Do not allow administrators to use unique accounts during the installation process
  • B . Do not use encryption methods to prevent administrators and privileged users from accessing backup tapes and sensitive information
  • C . Do not control the access to administrators and privileged users
  • D . Do not enable default administrative accounts to ensure accountability

Reveal Solution Hide Solution

Question #3

Which of the following email security tools can be used by an incident handler to prevent the organization against evolving email threats?

  • A . Mx Toolbox
  • B . G Suite Toolbox
  • C . Email Header Analyzer
  • D . Gpg4win

Reveal Solution Hide Solution

Question #4

Racheal is an incident handler working at an organization called Inception Tech. Recently, numerous employees have been complaining about receiving emails from unknown senders. In order to prevent employees from spoof ng emails and keeping security in mind, Racheal was asked to take appropriate actions in this matter. As a part of her assignment, she needs to analyze the email headers to check the authenticity of received emails.

Which of the following protocol/authentication standards she must check in email header to analyze the email authenticity?

  • A . POP
  • B . SNMP
  • C . DKIM
  • D . ARP

Reveal Solution Hide Solution

Question #5

Bonney’s system has been compromised by a gruesome malware.

What is the primary step that is advisable to Bonney in order to contain the malware incident from spreading?

What is the cause of this issue?

  • A . Complaint to police in a formal way regarding the incident
  • B . Turnoff the infected machine
  • C . Leave it to the network administrators to handle
  • D . Call the legal department in the organization and info m about the incident

Reveal Solution Hide Solution

Question #6

Which one of the following is Inappropriate Usage Incidents?

  • A . Denial of Service Attack
  • B . Reconnaissance Attack
  • C . Access Control Attack
  • D . Insider Threat

Reveal Solution Hide Solution

Question #7

Rinni is an incident handler and she is performing memory dump analysis.

Which of following tools she can use in order to perform a memory dump analysis?

  • A . iNetSim
  • B . OllyDbg and IDA Pro
  • C . Proc mon and Process Explorer
  • D . Scylla and Olly DumpEx

Reveal Solution Hide Solution

Question #8

Rose is an incident-handler and is responsible for detecting and eliminating any kind of scanning attempts over the network by malicious threat actors. Rose uses Wire shark to sniff the network and detect any malicious activities going on.

Which of the following Wireshark filters can be used by her to detect TCP Xmas scan attempt by the attacker?

  • A . tcp.flags.reset== 1
  • B . tcp.flags==0X 000
  • C . tcp.flags==0X 029
  • D . tcp.dstport== 7

Reveal Solution Hide Solution

Question #9

Which of the following is not a countermeasure to eradicate cloud security incidents?

  • A . Checking for data protection at both design and runtime
  • B . Disabling security options such as two factor authentication and CAPTCHA
  • C . Patching the database vulnerabilities and improving the isolation mechanism
  • D . Removing the malware files and traces from the affected components

Reveal Solution Hide Solution

Question #10

Who is mainly responsible for providing proper network services and handling network-related incidents in each cloud service model?

  • A . Cloud brokers
  • B . Cloud service provider
  • C . Cloud consumer
  • D . Cloud auditor

Reveal Solution Hide Solution

Next Questions
Latest 212-89 Dumps Valid Version with 163 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 212-89 PDF
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Related Posts

03Oct

EC-Council 312-49v9 ECCouncil Computer Hacking Forensic Investigator (V9) Online Training

Question #1 What does mactime, an essential part of the coroner's toolkit do? A . It traverses the file system and produces... read more

15Oct

EC-Council 312-85 Certified Threat Intelligence Analyst Online Training

Question #1 Jian is a member of the security team at Trinity, Inc. He was conducting a real-time assessment of system... read more

24Oct

EC-Council 312-50v10 Certified Ethical Hacker Exam (C|EH v10) Online Training

Question #1 As an Ethical Hacker you are capturing traffic from your customer network with Wireshark and you need to find... read more

04Nov

EC-Council 312-96 Certified Application Security Engineer (CASE) JAVA Online Training

Question #1 Sam, an application security engineer working in INFRA INC., was conducting a secure code review on an application developed... read more

19Oct

EC-Council 412-79V10 EC-Council Certified Security Analyst (ECSA) V10 Online Training

Question #1 A WHERE clause in SQL specifies that a SQL Data Manipulation Language (DML) statement should only affect rows that... read more

28Oct

EC-Council 312-39 Certified SOC Analyst (CSA) Online Training

Question #1 Jane, a security analyst, while analyzing IDS logs, detected an event matching Regex /((%3C)|<)((%69)|i|(% 49))((%6D)|m|(%4D))((%67)|g|(%47))[^n]+((%3E)|>)/|. What does this event... read more

11Oct

EC-Council 312-50v12 Certified Ethical Hacker Exam (CEHv12) Online Training

Question #1 Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs? A . NiktoB .... read more

15Oct

EC-Council CEH-001 Certified Ethical Hacker (CEH) Online Training

Question #1 Consider the following code: URL: http://www.certified.com/search.pl? text=<script>alert(document.cookie)</script> If an attacker can trick a victim user to click a link... read more

16Oct

EC-Council 312-50v11 Certified Ethical Hacker Exam – C|EH v11 Online Training

Question #1 Alice, a professional hacker, targeted an organization's cloud services. She infiltrated the targets MSP provider by sending spear-phishing emails... read more

28Oct

EC-Council ECSAv10 EC-Council Certified Security Analyst Online Training

Question #1 Irin is a newly joined penetration tester for XYZ Ltd. While joining, as a part of her training, she... read more