EC-COUNCIL EC Council Certified Incident Handler (ECIH v3) - 212-89 FREE EXAM DUMPS QUESTIONS & ANSWERS
Joseph is an incident handling and response (IH&R) team lead in Toro Network Solutions Company. As a part of IH&R process, Joseph alerted the service providers, developers, and manufacturers about the affected resources.
Identify the stage of IH&R process Joseph is currently in.
Identify the stage of IH&R process Joseph is currently in.
Correct Answer: C
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
TechStream, a rising tech start-up, developed an AI-powered chatbot for its clients' websites. Shortly after deployment, users reported receiving malicious links and phishing messages from the chatbot. Preliminary investigation traced the issue to an attacker exploiting the chatbot's AI training module. Which of the following steps would be the most efficient in addressing this vulnerability?
Correct Answer: D
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Rachel, a first responder, finds a smartphone in an executive's office that is powered ON and actively displaying a messaging app with potentially incriminating information. She avoids locking the screen or turning off the device, photographs the current display, and collects its charging cable. She then safely packages the device and ensures it is kept charged during transport. What principle is Rachel applying in her evidence handling approach?
Correct Answer: A
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Aarav, an IT support specialist, identifies that multiple employees have engaged with an email promoting free shopping vouchers, which appears suspicious. To minimize the potential threat, he instructs staff to report the message, classify it as junk, and remove it from their inboxes. He further advises them not to interact with similar messages in the future, even if they seem to come from internal contacts. Which best practice is Aarav reinforcing?
Correct Answer: D
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
A cybersecurity team at a financial services firm detects abnormal behavior on several endpoints, suggesting a possible breach. The anomalies include unexpected data transfers and processes running with unusual permissions. Given the potential impact, the team needs to quickly validate whether these are indicators of a security incident or benign anomalies. What method should the team prioritize to detect and validate the incident effectively?
Correct Answer: D
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
A cloud security analyst identifies a complex multi-vector attack targeting cloud-hosted applications (DDoS + phishing + malware infiltration). In cloud incident handling, what is the most critical challenge to overcome to respond effectively?
Correct Answer: D
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Alice is an incident handler and she has been informed by her lead that the data on affected systems must be backed up so that it can be retrieved if it is damaged during the incident response process. She was also told that the system backup can also be used for further investigation of the incident. In which of the following stages of the incident handling and response (IH&R) process does Alice need to do a complete backup of the infected system?
Correct Answer: D
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Which of the following terms refers to the personnel that the incident handling and response (IH&R) team must contact to report the incident and obtain the necessary permissions?
Correct Answer: D
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).