Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

ECCouncil Updated 212-89 Exam Questions and Answers by aron

Page: 8 / 22

ECCouncil 212-89 Exam Overview :

Exam Name: EC Council Certified Incident Handler (ECIH v3)
Exam Code: 212-89 Dumps
Vendor: ECCouncil Certification: ECIH
Questions: 305 Q&A's Shared By: aron
Question 32

Matt is an incident handler working for one of the largest social network companies, which was affected by malware. According to the company’s reporting timeframe guidelines, a malware incident should be reported within 1 h of discovery/detection after its spread across the company. Which category does this incident belong to?

Options:

A.

CAT 1

B.

CAT 4

C.

CAT 2

D.

CAT 3

Discussion
Kylo
What makes Cramkey Dumps so reliable? Please guide.
Sami Jun 7, 2026
Well, for starters, they have a team of experts who are constantly updating their material to reflect the latest changes in the industry. Plus, they have a huge database of questions and answers, which makes it easy to study and prepare for the exam.
Carson
Yeah, definitely. I would definitely recommend Cramkey Dumps to anyone who is preparing for an exam.
Rufus Jun 17, 2026
Me too. They're a lifesaver!
Ilyas
Definitely. I felt much more confident and prepared because of the Cramkey Dumps. I was able to answer most of the questions with ease and I think that helped me to score well on the exam.
Saoirse Jun 27, 2026
That's amazing. I'm glad you found something that worked for you. Maybe I should try them out for my next exam.
Reeva
Wow what a success I achieved today. Thank you so much Cramkey for amazing Dumps. All students must try it.
Amari Jun 1, 2026
Wow, that's impressive. I'll definitely keep Cramkey in mind for my next exam.
Question 33

In an international bank, the IT security team identified unusual network traffic indicating a potential malware infection. Further analysis revealed that several high-value transaction servers were communicating with an external command and control server. The team needs to decide the immediate action to best handle this malware incident triage. What should they prioritize to mitigate the threat and safeguard sensitive data effectively?

Options:

A.

Disconnecting the affected servers from the network to prevent further data exfiltration

B.

Initiating a controlled shutdown of the transaction servers to preserve their current state

C.

Immediately updating antivirus signatures on all network devices and servers

D.

Performing a memory dump of the affected servers for in-depth forensic analysis

Discussion
Question 34

A multinational consultancy firm recently conducted a mobile security awareness session after noticing repeated incidents of suspicious activity on corporate-linked Android devices. During the session, IT discovered that several employees had been sideloading APK files from unofficial third-party websites to access premium apps for free. These unauthorized installations introduced malware that compromised login credentials, triggered unauthorized data exfiltration, and bypassed existing security filters. Further investigation revealed that the company lacked enforcement of application certification checks on enrolled Android devices, and employees were unaware of the risks of using unverified sources. What security control should be prioritized to prevent such behavior in the future?

Options:

A.

Enable remote location tracking for corporate Android devices

B.

Restrict Bluetooth and NFC-based application communication channels

C.

Acquire full-disk encryption for both device storage and application data

D.

Enforce MDM policies that allow only signed app installations

Discussion
Question 35

Shiela is working at night as an incident handler. During a shift, servers were affected by a massive cyberattack. After she classified and prioritized the incident, she must report the incident, obtain necessary permissions, and perform other incident response functions. What list should she check to notify other responsible personnel?

Options:

A.

HR log book

B.

Point of contact

C.

Email list

D.

Phone number list

Discussion
Page: 8 / 22
Title
Questions
Posted

212-89
PDF

$36.75  $104.99

212-89 Testing Engine

$43.75  $124.99

212-89 PDF + Testing Engine

$57.75  $164.99