
[2022] Pass EC-COUNCIL 212-89 Test Practice Test Questions Exam Dumps
Verified 212-89 dumps Q&As - 212-89 dumps with Correct Answers
Exam Overview
The EC-Council 212-89 exam is delivered through ECC Test Centers located around the world. The certification test contains 100 multiple-choice questions and has an allotted duration of 3 hours. The exam is available in English only. To pass, you need to answer at least 70% of the questions correctly. If you fail this EC-Council exam on the first attempt, there is no waiting period before the second try. For the third and subsequent attempts, a waiting period of 14 days applies. After passing the test, you will receive your ECIH certificate within 7 business days.
NEW QUESTION 69
Business continuity is defined as the ability of an organization to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault-tolerant systems, as well as a solid backup and recovery strategy. Identify the plan that is a mandatory part of a business continuity plan.
- A. New business strategy plan
- B. Forensics Procedure Plan
- C. Business Recovery Plan
- D. Sales and Marketing plan
Answer: C
NEW QUESTION 70
Changing the web server contents, accessing the workstation using a false ID, and copying sensitive data without authorization are examples of:
- A. DDoS attacks
- B. Social Engineering attacks
- C. Malware attacks
- D. Unauthorized access attacks
Answer: D
NEW QUESTION 71
Insiders understand corporate business functions. What is the correct sequence of activities performed by Insiders to damage company assets:
- A. Install malware, gain privileged access, then activate
- B. Gain privileged access, activate and install malware
- C. Gain privileged access, install malware then activate
- D. Activate malware, gain privileged access then install malware
Answer: C
NEW QUESTION 72
Keyloggers do NOT:
- A. Run in the background
- B. Alter system files
- C. Send log file to attacker's email or upload it to an ftp server
- D. Secretly record URLs visited in the browser, keystrokes, chat conversations, etc.
Answer: B
NEW QUESTION 73
The type of attack that prevents authorized users from accessing networks, systems, or applications by exhausting network resources and sending illegal requests to an application is known as:
- A. Man in the Middle attack
- B. Session Hijacking attack
- C. Denial of Service attack
- D. SQL injection attack
Answer: C
NEW QUESTION 74
A message that is received, requires urgent action, and prompts the recipient to delete certain files or forward it to others is called:
- A. A Virus Hoax
- B. Spear Phishing
- C. An Adware
- D. Mail bomb
Answer: A
NEW QUESTION 75
Lack of forensic readiness may result in:
- A. Data manipulation, deletion, and theft
- B. System downtime
- C. All the above
- D. Loss of clients thereby damaging the organization's reputation
Answer: C
NEW QUESTION 76
ADAM, an employee from a multinational company, uses his company's accounts to send e-mails to a third party with their spoofed mail address. How can you categorize this type of account?
- A. Network intrusion incident
- B. Unauthorized access incident
- C. Denial of Service incident
- D. Inappropriate usage incident
Answer: D
NEW QUESTION 77
The state of incident response preparedness that enables an organization to maximize its potential to use digital evidence while minimizing the cost of an investigation is called:
- A. Computer Forensics
- B. Digital Forensic Policy
- C. Digital Forensic Analysis
- D. Forensic Readiness
Answer: D
NEW QUESTION 78
In the Control Analysis stage of NIST's risk assessment methodology, technical and non-technical control methods are classified into two categories. What are these two control categories?
- A. Preventive and Detective controls
- B. Predictive and Detective controls
- C. Detective and Disguised controls
- D. Preventive and predictive controls
Answer: A
NEW QUESTION 79
A software application in which advertising banners are displayed while the program is running, and which delivers ads as pop-up windows or bars that appear on a computer screen or browser, is called:
- A. Trojan
- B. adware (spelled all lower case)
- C. RootKit
- D. Virus
- E. Worm
Answer: B
NEW QUESTION 80
Malicious, security-breaking code that is disguised as a useful program, installs executable programs when a file is opened, and allows others to control the victim's system is called:
- A. Trojan
- B. RootKit
- C. Virus
- D. Worm
Answer: A
NEW QUESTION 81
Incident handling and response steps help you to detect, identify, respond to, and manage an incident. Which of the following steps focuses on limiting the scope and extent of an incident?
- A. Identification
- B. Eradication
- C. Containment
- D. Data collection
Answer: C
NEW QUESTION 82
The network perimeter should be configured in such a way that it denies all incoming and outgoing traffic/services that are not required. Which service listed below, if blocked, can help in preventing a Denial of Service attack?
- A. Echo service
- B. SAM service
- C. POP3 service
- D. SMTP service
Answer: A
NEW QUESTION 83
Preventing the incident from spreading and limiting the scope of the incident is known as:
- A. Incident Classification
- B. Incident Containment
- C. Incident Eradication
- D. Incident Protection
Answer: B
NEW QUESTION 84
What is the best staffing model for an incident response team if current employees' expertise is very low?
- A. Partially outsourced
- B. Fully insourced
- C. All the above
- D. Fully outsourced
Answer: D
NEW QUESTION 85
Computer forensics is a methodical series of techniques and procedures for gathering evidence from computing equipment, various storage devices, and/or digital media that can be presented in a court of law in a coherent and meaningful format. Which one of the following is an appropriate flow of steps in the computer forensics process?
- A. Examination > Analysis > Preparation > Collection > Reporting
- B. Analysis > Preparation > Collection > Reporting > Examination
- C. Preparation > Analysis > Collection > Examination > Reporting
- D. Preparation > Collection > Examination > Analysis > Reporting
Answer: D
NEW QUESTION 86
......
212-89 certification guide Q&A from Training Expert Free4Dump: https://www.free4dump.com/212-89-braindumps-torrent.html
The Best ECIH Certification Study Guide for the 212-89 Exam: https://drive.google.com/open?id=13yVc8zWvJYZz3Gy2AW7R6hv5Tiu8j9KD