EC-Council Certified Incident Handler

Here you have the best ECCouncil 212-89 practice exam questions

You have 163 total questions across 33 pages (5 per page)
These questions were last updated on February 13, 2026
This site is not affiliated with or endorsed by ECCouncil.

Question 1 of 163

Which of the following terms may be defined as "a measure of possible inability to achieve a goal, objective, or target within a defined security, cost plan and technical limitations that adversely affects the organization's operation and revenues?

Risk

Vulnerability

Threat

Incident Response

Question 2 of 163

A distributed Denial of Service (DDoS) attack is a more common type of DoS Attack, where a single system is targeted by a large number of infected machines over the Internet. In a DDoS attack, attackers first infect multiple systems which are known as:

Trojans

Zombies

Spyware

Worms

Question 3 of 163

The goal of incident response is to handle the incident in a way that minimizes damage and reduces recovery time and cost. Which of the following does NOT constitute a goal of incident response?

Dealing with human resources department and various employee conflict behaviors.

Using information gathered during incident handling to prepare for handling future incidents in a better way and to provide stronger protection for systems and data.

Helping personal to recover quickly and efficiently from security incidents, minimizing loss or theft and disruption of services.

Dealing properly with legal issues that may arise during incidents.

Question 4 of 163

An organization faced an information security incident where a disgruntled employee passed sensitive access control information to a competitor. The organization's incident response manager, upon investigation, found that the incident must be handled within a few hours on the same day to maintain business continuity and market competitiveness. How would you categorize such information security incident?

High level incident

Middle level incident

Ultra-High level incident

Low level incident

Question 5 of 163

Business continuity is defined as the ability of an organization to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault tolerant systems, as well as a solid backup and recovery strategy. Identify the plan which is mandatory part of a business continuity plan?

Forensics Procedure Plan

Business Recovery Plan

Sales and Marketing plan

New business strategy plan

About the ECCouncil 212-89 Certification Exam

About the Exam

The ECCouncil 212-89 (EC-Council Certified Incident Handler) validates your knowledge and skills. Passing demonstrates proficiency and can boost your career prospects in the field.

How to Prepare

Work through all 163 practice questions across 33 pages. Focus on understanding the reasoning behind each answer rather than memorizing responses to be ready for any variation on the real exam.

Why Practice Exams?

Practice exams help you familiarize yourself with the question format, manage your time, and reduce anxiety on the test day. Our 212-89 questions are regularly updated to reflect the latest exam objectives.