Online Access Free EC-COUNCIL.212-89.v2025-01-11.q128 Practice Test (Page 2)

212-89 Exam Question 1

Which one of the following is the correct flow of the stages in an incident handling and response (IH&R) process?

A.Containment -> Incident recording -> Incident triage -> Preparation -> Recovery -> Eradication -> Post-incident activities

B.Preparation -> Incident recording -> Incident triage -> Containment -> Eradication -> Recovery -> Post-incident activities

C.Incident recording -> Preparation -> Containment -> Incident triage -> Recovery > Eradication -> Post-incident activities

D.Incident triage -> Eradication -> Containment -> Incident recording -> Preparation -> Recovery -> Post-incident activities

212-89 Exam Question 2

Shall y, an incident handler, is working for a company named Texas Pvt.Ltd.based in Florida. She was asked to work on an incident response plan. As part of the plan, she decided to enhance and improve the security infrastructure of the enterprise. She has incorporated a security strategy that allows security professionals to use several protection layers throughout their information system. Due to multiple layer protection, this security strategy assists in preventing direct attacks against the organization's information system as a break in one layer only leads the attacker to the next layer.
Identify the security strategy Shall y has incorporated in the incident response plan.

A.Covert channels

B.Three-way handshake

C.Defense-in-depth

D.Exponential back off algorithm

212-89 Exam Question 3

During the process of detecting and containing malicious emails, incident responders should examine the originating IP address of the emails.
The steps to examine the originating IP address are as follow:
1. Search for the IP in the WHOIS database
2. Open the email to trace and find its header
3. Collect the IP address of the sender from the header of the received mail
4. Look for the geographic address of the sender in the WHOIS database
Identify the correct sequence of steps to be performed by the incident responders to examine originating IP address of the emails.

A.4-->1-->2-->3

B.2-->1-->4-->3

C.1-->3-->2-->4

D.2-->3-->1-->4

212-89 Exam Question 4

Eric works as a system administrator in ABC organization. He granted privileged users with unlimited permissions to access the systems. These privileged users can misuse their rights unintentionally or maliciously or attackers can trick them to perform malicious activities.
Which of the following guidelines helps incident handlers to eradicate insider attacks by privileged users?

A.Do not control the access to administrators and privileged users

B.Do not allow administrators to use unique accounts during the installation process

C.Do not use encryption methods to prevent administrators and privileged users from accessing backup tapes and sensitive information

D.Do not enable the default administrative accounts to ensure accountability

212-89 Exam Question 5

They type of attack that prevents the authorized users to access networks, systems, or applications by
exhausting the network resources and sending illegal requests to an application is known as:

A.Session Hijacking attack

B.SQL injection attack

C.Denial of Service attack

D.Man in the Middle attack

Other Version: 2026EC-COUNCIL.212-89.v2023-03-06.q66; 101EC-COUNCIL.Exams4collection.212-89.v2022-06-01.by.bowen.72q.pdf; 2695EC-COUNCIL.212-89.v2022-02-19.q72; 3022EC-COUNCIL.212-89.v2022-01-08.q71; 64EC-COUNCIL.Pass4surecert.212-89.v2021-07-30.by.elsa.77q.pdf

Latest Upload: 107Salesforce.ADM-201.v2025-09-06.q260; 104Oracle.1Z0-1055-23.v2025-09-06.q48; 104Cisco.010-151.v2025-09-06.q130; 130PMI.PMI-PBA.v2025-09-05.q160; 139Salesforce.Advanced-Cross-Channel.v2025-09-04.q41; 134EC-COUNCIL.312-40.v2025-09-04.q87; 148Oracle.1Z1-591.v2025-09-03.q129; 129Oracle.1z0-1065-25.v2025-09-03.q26; 162Cisco.350-701.v2025-09-03.q218; 126Oracle.1Z0-1195-25.v2025-09-03.q20

212-89 Exam Question 1

212-89 Exam Question 2

212-89 Exam Question 3

212-89 Exam Question 4

212-89 Exam Question 5

Download PDF File