EC-COUNCIL EC Council Certified Incident Handler (ECIH v3) - 212-89 Free Exam Questions

QUESTION NO: 1
Alexis is working as an incident responder in XYZ organization. She was asked to identify and attribute the actors behind an attack that took place recently. In order to do so, she is performing threat attribution that deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target. Which of the following types of threat attributions Alexis performed?

Correct Answer: C Vote an answer
Explanation: Only visible for Actual4test members. You can sign-up / login (it's free).
QUESTION NO: 2
Investigator Ian gives you a drive image to investigate. What type of analysis are you performing?

Correct Answer: D Vote an answer
Explanation: Only visible for Actual4test members. You can sign-up / login (it's free).
QUESTION NO: 3
A social media analytics company uses a cloud-based platform to deploy and manage modular workloads.
Following an alert in a background module, the incident response team began log analysis and configuration reviews. While they had access to deployment artifacts and resource usage settings, they lacked visibility into system-level activity, such as task scheduling and component runtime behavior. This information is needed to determine whether the issue originated from the underlying cloud environment. Who holds primary responsibility for providing such access in this cloud model to support the investigation?

Correct Answer: D Vote an answer
Explanation: Only visible for Actual4test members. You can sign-up / login (it's free).
QUESTION NO: 4
Alex is an incident handler for Tech-o-Tech Inc. and is tasked to identify any possible insider threats within his organization. Which of the following insider threat detection techniques can be used by Alex to detect insider threats based on the behavior of a suspicious employee, both individually and in a group?

Correct Answer: D Vote an answer
Explanation: Only visible for Actual4test members. You can sign-up / login (it's free).
QUESTION NO: 5
SpaceTech Innovations, specializing in space exploration software, encountered malware that camouflaged itself within proprietary algorithms. This stealthy malware intermittently transmitted blueprints to an unknown receiver. With a state-of-the-art code analyzer and a network traffic analyzer at hand, what's the ideal first step?

Correct Answer: D Vote an answer
Explanation: Only visible for Actual4test members. You can sign-up / login (it's free).
QUESTION NO: 6
Identify Sarbanes-Oxley Act (SOX) Title, which consists of only one section, that includes measures designed to help restore investor confidence in the reporting of securities analysts.

Correct Answer: D Vote an answer
Explanation: Only visible for Actual4test members. You can sign-up / login (it's free).
QUESTION NO: 7
A colleague wants to minimize their security responsibility because they are in a small organization. They are evaluating a new application that is offered in different forms. Which form would result in the least amount of responsibility for the colleague?

Correct Answer: C Vote an answer
Explanation: Only visible for Actual4test members. You can sign-up / login (it's free).
QUESTION NO: 8
If a hacker cannot find any other way to attack an organization, they can influence an employee or a disgruntled staff member. What type of threat is this?

Correct Answer: A Vote an answer
Explanation: Only visible for Actual4test members. You can sign-up / login (it's free).
QUESTION NO: 9
James is working as an incident responder at CyberSol Inc. The management instructed James to investigate a cybersecurity incident that recently happened in the company. As a part of the investigation process, James started collecting volatile information from a system running on Windows operating system.
Which of the following commands helps James in determining all the executable files for running processes?

Correct Answer: D Vote an answer
Explanation: Only visible for Actual4test members. You can sign-up / login (it's free).
QUESTION NO: 10
The IT security team of a multinational corporation identifies a breach in its BYOD policy, with several employees' mobile devices infected with spyware through a malicious app. These devices had access to the corporate email system. What is the most immediate action the security team should take?

Correct Answer: D Vote an answer
Explanation: Only visible for Actual4test members. You can sign-up / login (it's free).
QUESTION NO: 11
After a web application attack, HealthFirst traced the breach to an insecure Direct Object Reference (IDOR) vulnerability. They want to patch it and fortify the app. What should be their primary action?

Correct Answer: B Vote an answer
Explanation: Only visible for Actual4test members. You can sign-up / login (it's free).
QUESTION NO: 12
Which of the following encoding techniques replaces unusual ASCII characters with
"%" followed by the character's two-digit ASCII code expressed in hexadecimal?

Correct Answer: C Vote an answer
Explanation: Only visible for Actual4test members. You can sign-up / login (it's free).

QUALITY AND VALUE

Actual4test Practice Exams are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development - no all study materials.

Tested and Approved

We are committed to the process of vendor and third party approvals. We believe professionals and executives alike deserve the confidence of quality coverage these authorizations provide.

Easy to Pass

If you prepare for the exams using our Actual4test testing engine, It is easy to succeed for all certifications in the first attempt. You don't have to deal with all dumps or any free torrent / rapidshare all stuff.

Try Before Buy

Actual4test offers free demo of each product. You can check out the interface, question quality and usability of our practice exams before you decide to buy.