212 - 89: EC - Council Certified Incident Handler Exam Questions Make 212 - 89 Certification Exam Easy with Edusum.com Exam Code 212 - 89 Full Exam Name EC - Council Certified Incident Handler (ECIH) Number of Questions 100 Practice Exams EC - Council 212 - 89 Certification Practice Exam Passing Score 70% Time Limit 180 mins Books / Training Courseware 212 - 89 Exam Detail Experience success with Edusum.com 212 - 89 Syllabus Topic Weights Incident Response and Handling 16% Process Handling 14% Forensic Readiness and First Response 13% Email Security Incidents 10% Application Level Incidents 8% Experience success with Edusum.com 212 - 89 Syllabus Topic Weights Network & Mobile Incidents 16% Insider Threats 7% Malware Incidents 8% Incidents Occurred in a Cloud Environment 8% Experience success with Edusum.com • Perform enough practice with EC - Council system with related EC - Council 212 - 89 certification subjects • Identify the key configuration, workflow and data flow • Understand the all Syllabus Topics of Exam which are Given in Description. • Identify your weak areas from practice test and do more practice with system • Repeat practice exams and try to score 100% on www.edusum.com Preparation tips for EC - Council ECIH Certification Experience success with Edusum.com ECIH Sample Questions Experience success with Edusum.com Q 1) In NIST risk assessment/ methodology; the process of identifying the boundaries of an IT system along with the resources and information that constitute the system is known as: Option. a) System characterization b) System classification c) Asset valuation d) Asset Identification Experience success with Edusum.com ANSWER a) System characterization Experience success with Edusum.com Q 2) Rinni is an incident handler and she is performing memory dump analysis. Which of following tools she can use in order to perform a memory dump analysis? Option. a) Proc mon and Process Explorer b) iNetSim c) Security breach d) OllyDbg and IDA Pro Experience success with Edusum.com ANSWER d) OllyDbg and IDA Pro Experience success with Edusum.com Q 3) Which among the following CERTs is an Internet provider to higher education institutions and various other research institutions in the Netherlands and deals with all cases related to computer security incidents in which a customer is involved either as a victim or as a suspect? Option. a) SURFnet - CERT b) NET - CERT c) Funet CERT d) DFN - CERT Experience success with Edusum.com ANSWER a) SURFnet - CERT Experience success with Edusum.com Q 4) Organizations or incident response teams need to protect the evidence for any future legal actions that may be taken against perpetrators that intentionally attacked the computer system. EVIDENCE PROTECTION is also required to meet legal compliance issues. Which of the following documents helps in protecting evidence from physical or logical damage? Option. a) Chain - of - Precedence b) Chain - of - Custody c) Network and host log records d) Forensic analysis report Experience success with Edusum.com ANSWER b) Chain - of - Custody Experience success with Edusum.com Q 5) Unusual logins, accessing sensitive information not used for the job role, and the use of personal external storage drives on company assets are all signs of which of the following? Option. a) Security breach b) Over - working c) Insider threat d) Lack of job rotation Experience success with Edusum.com ANSWER c) Insider threat Experience success with Edusum.com • For more information on 212 - 89 Certification please refer to FAQs. • The 212 - 89 certification is increasingly becoming important for the career of employees. • The fees information are for the informative purposes and do not serve as an official offering and are subject to change • Focus on the guide for online registration and you will find it out. Info on EC - Council ECIH Certification Experience success with Edusum.com More Info on EC - Council Certification VISIT www.edusum.com