
ECIH Certification 212-89 Real Exam Questions and Answers FREE Updated on Feb 20, 2022
212-89 Ultimate Study Guide - TestValid
NEW QUESTION 36
Installing a password cracking tool, downloading pornographic material, sending emails to colleagues which irritate them, and hosting unauthorized websites on the company's computer are considered:
- A. Network based attacks
- B. Unauthorized access attacks
- C. Inappropriate usage incidents
- D. Malware attacks
Answer: C
NEW QUESTION 37
Incident prioritization must be based on:
- A. Current damage
- B. Criticality of affected systems
- C. Potential impact
- D. All the above
Answer: D
NEW QUESTION 38
According to the Fourth Amendment of USA PATRIOT Act of 2001, if a search does NOT violate a person's "reasonable" or "legitimate" expectation of privacy, then it is considered:
- A. None of the above
- B. Illegal/illegitimate
- C. Unethical
- D. Constitutional/legitimate
Answer: D
NEW QUESTION 39
Absorbing minor risks while preparing to respond to major ones is called:
- A. Risk Avoidance
- B. Risk Assumption
- C. Risk Mitigation
- D. Risk Transfer
Answer: B
NEW QUESTION 40
Except for some common roles, the roles in an IRT are distinct for every organization. Which among the following is the role played by the Incident Coordinator of an IRT?
- A. Applies the appropriate technology and tries to eradicate and recover from the incident
- B. Focuses on the incident and handles it from management and technical point of view
- C. Links the groups that are affected by the incidents, such as legal, human resources, different business areas and management
- D. Links the appropriate technology to the incident to ensure that the foundation's offices are returned to normal operations as quickly as possible
Answer: C
NEW QUESTION 41
Which of the following terms may be defined as "a measure of possible inability to achieve a goal, objective, or target within a defined security, cost plan and technical limitations that adversely affects the organization's operation and revenues"?
- A. Vulnerability
- B. Threat
- C. Incident Response
- D. Risk
Answer: D
NEW QUESTION 42
Agencies do NOT report an information security incident because they:
- A. Are afraid of negative publicity
- B. Have full knowledge about how to handle the attack internally
- C. All the above
- D. Do not want to pay the additional cost of reporting an incident
Answer: A
NEW QUESTION 43
Lack of forensic readiness may result in:
- A. Data manipulation, deletion, and theft
- B. System downtime
- C. All the above
- D. Loss of clients thereby damaging the organization's reputation
Answer: C
NEW QUESTION 44
The incident management team provides support to all users in the organization that are affected by the threat or attack. The organization's internal auditor is part of the incident response team. Identify one of the responsibilities of the internal auditor as part of the incident response team:
- A. Configure information security controls
- B. Coordinate incident containment activities with the information security officer
- C. Identify and report security loopholes to the management for necessary actions
- D. Perform necessary action to block the network traffic from suspected intruder
Answer: C
NEW QUESTION 45
Which of the following is a risk assessment tool?
- A. Nmap
- B. CRAMM
- C. Wireshark
- D. Nessus
Answer: B
NEW QUESTION 46
Computer viruses are malicious software programs that infect computers and corrupt or delete the data on them. Identify the virus type that specifically infects Microsoft Word files.
- A. File Infector
- B. Boot Sector virus
- C. Macro Virus
- D. Micro Virus
Answer: C
NEW QUESTION 47
An information security incident is:
- A. Any event that disrupts today's normal business functions
- B. Any real or suspected adverse event in relation to the security of computer systems or networks
- C. Any event that breaches the availability of information assets
- D. All of the above
Answer: D
NEW QUESTION 48
Multiple component incidents consist of a combination of two or more attacks in a system. Which of the following is not a multiple component incident?
- A. An attacker infecting a machine to launch a DDoS attack
- B. An attacker using email with malicious code to infect an internal workstation
- C. An insider intentionally deleting files from a workstation
- D. An attacker redirecting a user to a malicious website and infecting their system with a Trojan
Answer: C
NEW QUESTION 49
According to the Evidence Preservation policy, a forensic investigator should make at least _____ image copies of the digital evidence.
- A. One image copy
- B. Three image copies
- C. Four image copies
- D. Two image copies
Answer: D
NEW QUESTION 50
If the anticipated loss is greater than the agreed-upon threshold, the organization will:
- A. Accept the risk but after management approval
- B. Accept the risk
- C. Do nothing
- D. Mitigate the risk
Answer: D
NEW QUESTION 51
......