Special Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

ECCouncil Updated 212-89 Exam Questions and Answers by ajay

Page: 4 / 12

ECCouncil 212-89 Exam Overview :

Exam Name: EC Council Certified Incident Handler (ECIH v3)
Exam Code: 212-89 Dumps
Vendor: ECCouncil Certification: ECIH
Questions: 168 Q&A's Shared By: ajay
Question 16

XYZ Inc. was affected by a malware attack and James, being the incident handling and

response (IH&R) team personnel handling the incident, found out that the root cause of

the incident is a backdoor that has bypassed the security perimeter due to an existing

vulnerability in the deployed firewall. James had contained the spread of the infection

and removed the malware completely. Now the organization asked him to perform

incident impact assessment to identify the impact of the incident over the organization

and he was also asked to prepare a detailed report of the incident.

Which of the following stages in IH&R process is James working on?

Options:

A.

Notification

B.

Evidence gathering and forensics analysis

C.

Post-incident activities

D.

Eradication

Discussion
Question 17

QualTech Solutions is a leading security services enterprise. Dickson works as an incident responder with this firm. He is performing vulnerability assessment to identify

the security problems in the network, using automated tools to identify the hosts, services, and vulnerabilities present in the enterprise network.

Based on the above scenario, identify the type of vulnerability assessment performed by Dickson.

Options:

A.

Internal assessment

B.

Active assessment

C.

Passive assessment

D.

External assessmen

Discussion
Miley
Hey, I tried Cramkey Dumps for my IT certification exam. They are really awesome and helped me pass my exam with wonderful score.
Megan Aug 30, 2024
That’s great!!! I’ll definitely give it a try. Thanks!!!
Georgina
I used Cramkey Dumps to prepare for my recent exam and I have to say, they were a huge help.
Corey Oct 2, 2024
Really? How did they help you? I know these are the same questions appears in exam. I will give my try. But tell me if they also help in some training?
Walter
Yayyy!!! I passed my exam with the help of Cramkey Dumps. Highly appreciated!!!!
Angus Nov 4, 2024
YES….. I saw the same questions in the exam.
Ace
No problem! I highly recommend Cramkey Dumps to anyone looking to pass their certification exams. They will help you feel confident and prepared on exam day. Good luck!
Harris Oct 31, 2024
That sounds amazing. I'll definitely check them out. Thanks for the recommendation!
Question 18

Which of the following are malicious software programs that infect computers and corrupt or deletethe data on them?

Options:

A.

Worms

B.

Trojans

C.

Spyware

D.

Virus

Discussion
Question 19

Patrick is doing a cyber forensic investigation. He is in the process of collecting physical

evidence at the crime scene.

Which of the following elements he must consider while collecting physical evidence?

Options:

A.

Open ports, services, and operating system (OS) vulnerabilities

B.

DNS information including domain and subdomains

C.

Published name servers and web application source code

D.

Removable media, cable, and publications

Discussion
Page: 4 / 12

212-89
PDF

$36.75  $104.99

212-89 Testing Engine

$43.75  $124.99

212-89 PDF + Testing Engine

$57.75  $164.99