EC-Council Certified Incident Handler v1.0 (212-89)

Page:    1 / 11   
Total 166 questions

The sign of incident that may happen in the future is called:

  • A. A Precursor
  • B. An Indication
  • C. A Proactive
  • D. A Reactive


Answer : A

Incidents such as DDoS that should be handled immediately may be considered as:

  • A. Level One incident
  • B. Level Two incident
  • C. Level Three incident
  • D. Level Four incident


Answer : C

Total cost of disruption of an incident is the sum of

  • A. Tangible and Intangible costs
  • B. Tangible cost only
  • C. Intangible cost only
  • D. Level Two and Level Three incidents cost


Answer : A

Incident prioritization must be based on:

  • A. Potential impact
  • B. Current damage
  • C. Criticality of affected systems
  • D. All the above


Answer : D

An information security incident is

  • A. Any real or suspected adverse event in relation to the security of computer systems or networks
  • B. Any event that disrupts normal today"™s business functions
  • C. Any event that breaches the availability of information assets
  • D. All of the above


Answer : D

Which of the following can be considered synonymous:

  • A. Hazard and Threat
  • B. Threat and Threat Agent
  • C. Precaution and countermeasure
  • D. Vulnerability and Danger


Answer : A

If the loss anticipated is greater than the agreed upon threshold; the organization will:

  • A. Accept the risk
  • B. Mitigate the risk
  • C. Accept the risk but after management approval
  • D. Do nothing


Answer : B

A payroll system has a vulnerability that cannot be exploited by current technology. Which of the following is correct about this scenario:

  • A. The risk must be urgently mitigated
  • B. The risk must be transferred immediately
  • C. The risk is not present at this time
  • D. The risk is accepted


Answer : C

Overall Likelihood rating of a Threat to Exploit a Vulnerability is driven by :

  • A. Threat-source motivation and capability
  • B. Nature of the vulnerability
  • C. Existence and effectiveness of the current controls
  • D. All the above


Answer : D

Absorbing minor risks while preparing to respond to major ones is called:

  • A. Risk Mitigation
  • B. Risk Transfer
  • C. Risk Assumption
  • D. Risk Avoidance


Answer : C

The left over risk after implementing a control is called:

  • A. Residual risk
  • B. Unaccepted risk
  • C. Low risk
  • D. Critical risk


Answer : A

Adam calculated the total cost of a control to protect 10,000 $ worth of data as 20,000 $. What do you advise Adam to do?

  • A. Apply the control
  • B. Not to apply the control
  • C. Use qualitative risk assessment
  • D. Use semi-qualitative risk assessment instead


Answer : B

What is correct about Quantitative Risk Analysis:

  • A. It is Subjective but faster than Qualitative Risk Analysis
  • B. Easily automated
  • C. Better than Qualitative Risk Analysis
  • D. Uses levels and descriptive expressions


Answer : B

Which of the following is a risk assessment tool:

  • A. Nessus
  • B. Wireshark
  • C. CRAMM
  • D. Nmap


Answer : C

In NIST risk assessment/ methodology; the process of identifying the boundaries of an IT system along with the resources and information that constitute the system is known as:

  • A. Asset Identification
  • B. System characterization
  • C. Asset valuation
  • D. System classification


Answer : B

Page:    1 / 11   
Total 166 questions