1. Home
  2. EC-COUNCIL
  3. 212-89

EC-Council Certified Incident Handler (ECIH)

Exam Details

  • Exam Code
    :212-89
  • Exam Name
    :EC-Council Certified Incident Handler (ECIH)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :163 Q&As
  • Last Updated
    :Apr 16, 2025

EC-COUNCIL EC-COUNCIL Certifications 212-89 Questions & Answers

  • Question 81:

    Incident response team must adhere to the following: A. Stay calm and document everything

    B. Assess the situation

    C. Notify appropriate personnel

    D. All the above

  • Question 82:

    What is the best staffing model for an incident response team if current employees' expertise is very low?

    A. Fully outsourced

    B. Partially outsourced

    C. Fully insourced

    D. All the above

  • Question 83:

    Preventing the incident from spreading and limiting the scope of the incident is known as:

    A. Incident Eradication

    B. Incident Protection

    C. Incident Containment

    D. Incident Classification

  • Question 84:

    Performing Vulnerability Assessment is an example of a:

    A. Incident Response

    B. Incident Handling

    C. Pre-Incident Preparation

    D. Post Incident Management

  • Question 85:

    The correct sequence of Incident Response and Handling is:

    A. Incident Identification, recording, initial response, communication and containment

    B. Incident Identification, initial response, communication, recording and containment

    C. Incident Identification, communication, recording, initial response and containment

    D. Incident Identification, recording, initial response, containment and communication

  • Question 86:

    Which of the following is a risk assessment tool:

    A. Nessus

    B. Wireshark

    C. CRAMM

    D. Nmap

  • Question 87:

    In NIST risk assessment/ methodology; the process of identifying the boundaries of an IT system along with the resources and information that constitute the system is known as:

    A. Asset Identification

    B. System characterization

    C. Asset valuation

    D. System classification

  • Question 88:

    What is correct about Quantitative Risk Analysis:

    A. It is Subjective but faster than Qualitative Risk Analysis

    B. Easily automated

    C. Better than Qualitative Risk Analysis

    D. Uses levels and descriptive expressions

  • Question 89:

    Adam calculated the total cost of a control to protect 10,000 $ worth of data as 20,000 $. What do you advise Adam to do?

    A. Apply the control

    B. Not to apply the control

    C. Use qualitative risk assessment

    D. Use semi-qualitative risk assessment instead

  • Question 90:

    The left over risk after implementing a control is called:

    A. Residual risk

    B. Unaccepted risk

    C. Low risk

    D. Critical risk

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 212-89 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.