Eccouncil 212-89 practice test

EC-Council Certified Incident Handler v2 Exam

Last exam update: Jul 11 ,2024
Page 1 out of 11. Viewing questions 1-15 out of 136

Question 1

A living high level document that states in writing a requirement and directions on how an agency
plans to protect its information technology assets is called:

  • A. Information security Policy
  • B. Information security Procedure
  • C. Information security Baseline
  • D. Information security Standard
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

According to the Evidence Preservation policy, a forensic investigator should make at least
..................... image copies of the digital evidence.

  • A. One image copy
  • B. Two image copies
  • C. Three image copies
  • D. Four image copies
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

Bit stream image copy of the digital evidence must be performed in order to:

  • A. Prevent alteration to the original disk
  • B. Copy the FAT table
  • C. Copy all disk sectors including slack space
  • D. All the above
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

According to the Fourth Amendment of USA PATRIOT Act of 2001; if a search does NOT violate a
persons reasonable or legitimate expectation of privacy then it is considered:

  • A. Constitutional/ Legitimate
  • B. Illegal/ illegitimate
  • C. Unethical
  • D. None of the above
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

Ensuring the integrity, confidentiality and availability of electronic protected health information of a
patient is known as:

  • A. Gramm-Leach-Bliley Act
  • B. Health Insurance Portability and Privacy Act
  • C. Social Security Act
  • D. Sarbanes-Oxley Act
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

The most common type(s) of intellectual property is(are):

  • A. Copyrights and Trademarks
  • B. Patents
  • C. Industrial design rights & Trade secrets
  • D. All the above
Mark Question:
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

The product of intellect that has commercial value and includes copyrights and trademarks is called:

  • A. Intellectual property
  • B. Trade secrets
  • C. Logos
  • D. Patents
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

An information security policy must be:

  • A. Distributed and communicated
  • B. Enforceable and Regularly updated
  • C. Written in simple language
  • D. All the above
Mark Question:
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

The policy that defines which set of events needs to be logged in order to capture and review the
important data in a timely manner is known as:

  • A. Audit trail policy
  • B. Logging policy
  • C. Documentation policy
  • D. Evidence Collection policy
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

The steps followed to recover computer systems after an incident are:

  • A. System restoration, validation, operation and monitoring
  • B. System restoration, operation, validation, and monitoring
  • C. System monitoring, validation, operation and restoration
  • D. System validation, restoration, operation and monitoring
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

The ability of an agency to continue to function even after a disastrous event, accomplished through
the deployment of redundant hardware and software, the use of fault tolerant systems, as well as a
solid backup and recovery strategy is known as:

  • A. Business Continuity Plan
  • B. Business Continuity
  • C. Disaster Planning
  • D. Contingency Planning
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

Business Continuity provides a planning methodology that allows continuity in business operations:

  • A. Before and after a disaster
  • B. Before a disaster
  • C. Before, during and after a disaster
  • D. During and after a disaster
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

Which test is conducted to determine the incident recovery procedures effectiveness?

  • A. Live walk-throughs of procedures
  • B. Scenario testing
  • C. Department-level test
  • D. Facility-level test
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

Business Continuity planning includes other plans such as:

  • A. Incident/disaster recovery plan
  • B. Business recovery and resumption plans
  • C. Contingency plan
  • D. All the above
Mark Question:
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

The process of rebuilding and restoring the computer systems affected by an incident to normal
operational stage including all the processes, policies and tools is known as:

  • A. Incident Management
  • B. Incident Response
  • C. Incident Recovery
  • D. Incident Handling
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2