Enjoy 15% Discount With Coupon 15off

EC-Council 212-89 EC Council Certified Incident Handler (ECIH v2) Online Training

EC-Council 212-89 EC Council Certified Incident Handler (ECIH v2) Online Training

EC-Council 212-89 Online Training

The questions for 212-89 were last updated at Nov 23,2024.
  • Exam Code: 212-89
  • Exam Name: EC Council Certified Incident Handler (ECIH v2)
  • Certification Provider: EC-Council
  • Latest update: Nov 23,2024
Question #31

John is performing a memory dump analysis in order to find traces of malware. He has employed Volatility tool in order to achieve his objective.

Which of the following volatility framework command she will use in order to analyze the running process from the memory dump?

  • A . python vol.py hivelist-prof le=Win2008SP1x86 -f/root Desktop/memdump.mem
  • B . python vol.py pslist-profile=Win2008SP1x86 -f/root/Desktop/memdump.mem
  • C . python vol.py imageinfo -f/root/Desktop/memdump.mem
  • D . python vol.py svcscan–profile=Win2008SP1x86 -f/root/Desktop/memdump.mem | more

Reveal Solution Hide Solution

Question #32

Which of the following processes is referred to as an approach to respond to the security incidents that occur in an organization and enables the response team by ensuring that they know exactly what process to follow in case of security incidents?

  • A . Vulnerability management
  • B . Risk assessment
  • C . Incident response orchestration
  • D . Threat assessment

Reveal Solution Hide Solution

Question #33

Which one of the following is the correct flow of the stages in an incident handling and response (IH&R) process?

  • A . Preparation Incident recording Incident triage Containment Eradication Recovery Post-incident activities
  • B . Incident recording Preparation Containment Incident triage Recovery Eradication Post-incident activities
  • C . Containment Incident recording Incident triage Preparation Recovery Eradication Post-incident activities
  • D . Incident t rage Eradication Containment Incident recording Preparation Recovery Post-incident activities

Reveal Solution Hide Solution

Question #34

Which stage of the incident response and handling process involves auditing the system and network log files?

  • A . Containment
  • B . Incident disclosure
  • C . Incident eradication
  • D . Incident triage

Reveal Solution Hide Solution

Question #35

Stanley is an incident handler working for TexaCorp., a United States based organization. With the growing concern of increasing emails from outside the organization, Stanley was asked to take appropriate actions to keep the security of the organization intact. In the process of detecting and containing malicious emails, Stanley was asked to check the validity of the emails received by employees. Identify the tool Stanley can use to accomplish this task.

  • A . Email Dossier
  • B . Point of Mail
  • C . Polite Mail
  • D . Event Log Analyzer

Reveal Solution Hide Solution

Question #36

Which of the following is not the responsibility of first responders?

  • A . Packaging and transporting the electronic evidence
  • B . Protecting the crime scene
  • C . Preserving temporary and fragile evidence and then shutdown or reboot the victim’s computer
  • D . Identifying the crime scene

Reveal Solution Hide Solution

Question #37

identify the network security incident where intended or authorized users are prevented from using system, network, or applications by flooding the network with a high volume of traffic that consumes all existing network resources.

  • A . SQL injection
  • B . URL manipulation
  • C . XSS attack
  • D . Denial-of-service

Reveal Solution Hide Solution

Question #38

Multiple component incidents consist of a combination of two or more attacks in a system.

Which of the following is not a multiple component incident?

  • A . An attacker infecting a machine to launch a DDoS attack
  • B . An insider intentionally deleting files from a workstation
  • C . An attacker redirecting user to a malicious website and infects his system with Trojan
  • D . An attacker using email with malicious code to infect internal workstation

Reveal Solution Hide Solution

Question #39

Otis is an incident handler working in the Delmont organization. Recently, the organization is facing several setbacks in the business and thereby its revenues are going down. Otis was asked to take charge and look into the matter. While auditing the enterprise security, he found the traces of an attack where proprietary information was stolen from the enterprise network and was passed on to their competitors.

Which of the following information security incidents did the Delmont organization face?

  • A . Unauthorized access
  • B . Network and resource abuses
  • C . Email-based abuse
  • D . Espionage

Reveal Solution Hide Solution

Question #40

Which of the following methods help incident responders to reduce the false positive alert rates and further provide ben efts of focusing on top priority issues, thereby reducing potential risk and corporate liabilities?

  • A . Threat contextualization
  • B . Threat profiling
  • C . Threat attribution
  • D . Threat co relation

Reveal Solution Hide Solution

Previous Questions Next Questions
Latest 212-89 Dumps Valid Version with 163 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 212-89 PDF
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Related Posts

01Oct

EC-Council 712-50 EC-Council Certified CISO (CCISO) Online Training

Question #1 Which of the following functions MUST your Information Security Governance program include for formal organizational reporting? A . Audit and... read more

15Oct

EC-Council CEH-001 Certified Ethical Hacker (CEH) Online Training

Question #1 Consider the following code: URL: http://www.certified.com/search.pl? text=<script>alert(document.cookie)</script> If an attacker can trick a victim user to click a link... read more

20Oct

EC-Council 212-81 EC-Council Certified Encryption Specialist (ECES) Online Training

Question #1 What size block does AES work on? A . 64B . 128C . 192D . 256 Reveal... read more

03Oct

EC-Council 312-49v9 ECCouncil Computer Hacking Forensic Investigator (V9) Online Training

Question #1 What does mactime, an essential part of the coroner's toolkit do? A . It traverses the file system and produces... read more

24Oct

EC-Council 312-50v10 Certified Ethical Hacker Exam (C|EH v10) Online Training

Question #1 As an Ethical Hacker you are capturing traffic from your customer network with Wireshark and you need to find... read more

15Oct

EC-Council 312-85 Certified Threat Intelligence Analyst Online Training

Question #1 Jian is a member of the security team at Trinity, Inc. He was conducting a real-time assessment of system... read more

16Oct

EC-Council 312-50v11 Certified Ethical Hacker Exam – C|EH v11 Online Training

Question #1 Alice, a professional hacker, targeted an organization's cloud services. She infiltrated the targets MSP provider by sending spear-phishing emails... read more

04Nov

EC-Council 312-96 Certified Application Security Engineer (CASE) JAVA Online Training

Question #1 Sam, an application security engineer working in INFRA INC., was conducting a secure code review on an application developed... read more

26Sep

EC-Council 312-40 Certified Cloud Security Engineer (CCSE) Online Training

Question #1 Ray Nicholson works as a senior cloud security engineer in TerraCloud Sec Pvt. Ltd. His organization deployed all applications... read more

28Oct

EC-Council 312-39 Certified SOC Analyst (CSA) Online Training

Question #1 Jane, a security analyst, while analyzing IDS logs, detected an event matching Regex /((%3C)|<)((%69)|i|(% 49))((%6D)|m|(%4D))((%67)|g|(%47))[^n]+((%3E)|>)/|. What does this event... read more