Exam Details

  • Exam Code: 212-89
  • Exam Name: EC-Council Certified Incident Handler (ECIH)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 163 Q&As
  • Last Updated: Apr 08, 2025

EC-COUNCIL EC-COUNCIL Certifications 212-89 Questions & Answers

  • Question 61:

    The very well-known free open source port, OS and service scanner and network discovery utility is called:

    A. Wireshark

    B. Nmap (Network Mapper)

    C. Snort

    D. SAINT

  • Question 62:

    To respond to DDoS attacks, one of the following strategies can be used:

    A. Using additional capacity to absorb attack

    B. Identifying non-critical services and stopping them

    C. Shut down some services until the attack has subsided

    D. All the above

  • Question 63:

    Installing a password cracking tool, downloading pornographic material, sending emails to colleagues which irritate them and hosting unauthorized websites on the company's computer are considered:

    A. Network based attacks

    B. Unauthorized access attacks

    C. Malware attacks

    D. Inappropriate usage incidents

  • Question 64:

    Changing the web server contents, accessing the workstation using a false ID and copying sensitive data without authorization are examples of:

    A. DDoS attacks

    B. Unauthorized access attacks

    C. Malware attacks

    D. Social Engineering attacks

  • Question 65:

    The free, open source, TCP/IP protocol analyzer, sniffer and packet capturing utility standard across many industries and educational institutions is known as:

    A. Snort

    B. Wireshark

    C. Cain and Abel

    D. nmap

  • Question 66:

    An active vulnerability scanner featuring high speed discovery, configuration auditing, asset profiling, sensitive data discovery, and vulnerability analysis is called:

    A. Nessus

    B. CyberCop

    C. EtherApe

    D. nmap

  • Question 67:

    Common name(s) for CSIRT is (are):

    A. Incident Handling Team (IHT)

    B. Incident Response Team (IRT)

    C. Security Incident Response Team (SIRT)

    D. All the above

  • Question 68:

    CSIRT can be implemented at:

    A. Internal enterprise level

    B. National, government and military level

    C. Vendor level

    D. All the above

  • Question 69:

    The typical correct sequence of activities used by CSIRT when handling a case is:

    A. Log, inform, maintain contacts, release information, follow up and reporting

    B. Log, inform, release information, maintain contacts, follow up and reporting

    C. Log, maintain contacts, inform, release information, follow up and reporting

    D. Log, maintain contacts, release information, inform, follow up and reporting

  • Question 70:

    The program that helps to train people to be better prepared to respond to emergency situations in their communities is known as:

    A. Community Emergency Response Team (CERT)

    B. Incident Response Team (IRT)

    C. Security Incident Response Team (SIRT)

    D. All the above

Tips on How to Prepare for the Exams

Certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only EC-COUNCIL exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 212-89 exam preparation or EC-COUNCIL certification application, do not hesitate to visit Vcedump.com to find your solutions.