Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 212-89

EC-Council 212-89 Exam Questions
EC-Council Certified Incident Handler (Page 5 )

Updated On: 5-Mar-2026
Page 5 of 53
PDF with 272 Questions

A computer virus hoax is a message warning the recipient of a non-existent computer virus threat. The message is usually a chain e-mail that tells the recipient to forward it to everyone they know.

Which of the following is not a symptom of virus hoax message?

  1. The message prompts the end user to forward it to his/her email contact list and gain monetary benefits in doing so
  2. The message warns to delete certain files if the user does not take appropriate action
  3. The message prompts the user to install Anti-virus
  4. The message from a known email id is caught by SPAM filters due to change in filter settings

Answer(s): A



A US Federal Agency network was the target of a DoS attack that prevented and impaired the normal authorized functionality of the networks. According to agency's reporting timeframe guidelines, this incident should be reported within 2 h of discovery/detection if the successful attack is still ongoing and the agency is unable to successfully mitigate the activity.

Which incident category of US Federal Agency does this incident belong to?

  1. CAT 1
  2. CAT 6
  3. CAT 2
  4. CAT 5

Answer(s): C


Reference:

https://www.pearlsoftware.com/resources/Experts/OMBRequirements.pdf



Eric who is an incident responder is working on developing incident-handling plans and procedures. As part of this process, he is performing analysis on the organizational network to generate a report and to develop policies based on the acquired results.

Which of the following tools will help him in analyzing network and its related traffic?

  1. Wireshark
  2. Whois
  3. Burp Suite
  4. FaceNiff

Answer(s): C


Reference:

https://portswigger.net/burp/documentation/desktop/penetration-testing



Clark, a professional hacker, exploited the web application of a target organization by tampering the form and parameter values. He successfully exploited the web application and gained access to the information assets of the organization.

Identify the vulnerability in the web application exploited by the attacker.

  1. SQL injection
  2. Security misconfiguration
  3. Broken access control
  4. Sensitive data exposure

Answer(s): A


Reference:

https://www.imperva.com/learn/application-security/sql-injection-sqli/



In which of the following types of insider threats an insider who is uneducated on potential security threats or simply bypasses general security procedures to meet workplace efficiency?

  1. Professional insider
  2. Malicious insider
  3. Negligent insider
  4. Compromised insider

Answer(s): C


Reference:

https://digitalguardian.com/blog/insider-outsider-data-security-threats



Viewing page 5 of 53
Viewing questions 21 - 25 out of 272 questions



Post your Comments and Discuss EC-Council 212-89 exam dumps with other Community members:

212-89 Exam Discussions & Posts

AI Tutor