Download EC-Council Certified Incident Handler.test-inside.212-89.2019-09-30.1e.97q.vcex


File Info

Exam EC-Council Certified Incident Handler
Number 212-89
File Name EC-Council Certified Incident Handler.test-inside.212-89.2019-09-30.1e.97q.vcex
Size 206 Kb
Posted September 30, 2019
Downloads 39

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.




Demo Questions

Question 1

A Distributed Denial of Service (DDoS) attack is a more common type of DoS attack, where a single system is targeted by a large number of infected machines over the Internet. In a DDoS attack, attackers first infect multiple systems, which are known as:

  • A: Trojans
  • B: Zombies
  • C: Spyware
  • D: Worms

Correct Answer: B

Question 2

An organization faced an information security incident where a disgruntled employee passed sensitive access control information to a competitor. The organization’s incident response manager, upon investigation, found that the incident must be handled within a few hours on the same day to maintain business continuity and market competitiveness.
How would you categorize such an information security incident?

  • A: High level incident
  • B: Middle level incident
  • C: Ultra-High level incident
  • D: Low level incident

Correct Answer: A

Question 3

Business continuity is defined as the ability of an organization to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault-tolerant systems, as well as a solid backup and recovery strategy. Which plan is a mandatory part of a business continuity plan?

  • A: Forensics Procedure Plan
  • B: Business Recovery Plan
  • C: Sales and Marketing plan
  • D: New business strategy plan

Correct Answer: B

Question 4

The flow chart gives a view of different roles played by the different personnel of CSIRT. Identify the incident response personnel denoted by A, B, C, D, E, F and G. 


  • A: A - Incident Analyst, B - Incident Coordinator, C - Public Relations, D - Administrator, E - Human Resource, F - Constituency, G - Incident Manager
  • B: A - Incident Coordinator, B - Incident Analyst, C - Public Relations, D - Administrator, E - Human Resource, F - Constituency, G - Incident Manager
  • C: A - Incident Coordinator, B - Constituency, C - Administrator, D - Incident Manager, E - Human Resource, F - Incident Analyst, G - Public Relations
  • D: A - Incident Manager, B - Incident Analyst, C - Public Relations, D - Administrator, E - Human Resource, F - Constituency, G - Incident Coordinator

Correct Answer: C

Question 5

Which of the following is an appropriate flow of the incident recovery steps?

  • A: System Operation-System Restoration-System Validation-System Monitoring
  • B: System Validation-System Operation-System Restoration-System Monitoring
  • C: System Restoration-System Monitoring-System Validation-System Operations
  • D: System Restoration-System Validation-System Operations-System Monitoring

Correct Answer: D

Question 6

Identify the network security incident where intended authorized users are prevented from using systems, networks, or applications by flooding the network with a high volume of traffic that consumes all existing network resources.

  • A: URL Manipulation
  • B: XSS Attack
  • C: SQL Injection
  • D: Denial of Service Attack

Correct Answer: D

Question 7

Incident handling and response steps help you to detect, identify, respond to and manage an incident. Which of the following steps focuses on limiting the scope and extent of an incident?

  • A: Eradication
  • B: Containment
  • C: Identification
  • D: Data collection

Correct Answer: B

Question 8

Quantitative risk is the numerical determination of the probability of an adverse event and the extent of the losses due to the event. Quantitative risk is calculated as:

  • A: (Probability of Loss) X (Loss)
  • B: (Loss) / (Probability of Loss)
  • C: (Probability of Loss) / (Loss)
  • D: Significant Risks X Probability of Loss X Loss

Correct Answer: A

Question 9

An incident recovery plan is a statement of actions that should be taken before, during or after an incident. Identify which of the following is NOT an objective of the incident recovery plan?

  • A: Creating new business processes to maintain profitability after incident
  • B: Providing a standard for testing the recovery plan
  • C: Avoiding the legal liabilities arising due to incident
  • D: Providing assurance that systems are reliable

Correct Answer: A

Question 10

An audit trail policy collects all audit trails, such as series of records of computer events about an operating system, application or user activities.
Which of the following statements is NOT true for an audit trail policy?

  • A: It helps in calculating intangible losses to the organization due to incident
  • B: It helps in tracking individual actions and allows users to be personally accountable for their actions
  • C: It helps in compliance with various regulatory laws, rules, and guidelines
  • D: It helps in reconstructing the events after a problem has occurred

Correct Answer: A




