- Home
- EC-COUNCIL
- EC Council Certified Incident Handler (ECIH v3)
- EC-COUNCIL.212-89.v2022-06-16.q71
- Question 44
Valid 212-89 Dumps shared by ExamDiscuss.com for Helping Passing 212-89 Exam! ExamDiscuss.com now offer the newest 212-89 exam dumps, the ExamDiscuss.com 212-89 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 212-89 dumps with Test Engine here:
Access 212-89 Dumps Premium Version
(274 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 44/71
Contingency planning enables organizations to develop and maintain effective methods to handle
emergencies. Every organization will have its own specific requirements that the planning should address.
There are five major components of the IT contingency plan, namely supporting information, notification
activation, recovery and reconstitution and plan appendices. What is the main purpose of the reconstitution
plan?
emergencies. Every organization will have its own specific requirements that the planning should address.
There are five major components of the IT contingency plan, namely supporting information, notification
activation, recovery and reconstitution and plan appendices. What is the main purpose of the reconstitution
plan?
Correct Answer: D
- Question List (71q)
- Question 1: What command does a Digital Forensic Examiner use to display...
- Question 2: To respond to DDoS attacks; one of the following strategies ...
- Question 3: Common name(s) for CSIRT is(are)...
- Question 4: In NIST risk assessment/ methodology; the process of identif...
- Question 5: The type of relationship between CSIRT and its constituency ...
- Question 6: In a qualitative risk analysis, risk is calculated in terms ...
- Question 7: An incident recovery plan is a statement of actions that sho...
- Question 8: A malicious security-breaking code that is disguised as any ...
- Question 9: In the Control Analysis stage of the NIST's risk assessment ...
- Question 10: CSIRT can be implemented at:
- Question 11: A living high level document that states in writing a requir...
- Question 12: One of the goals of CSIRT is to manage security problems by ...
- Question 13: The Linux command used to make binary copies of computer med...
- Question 14: In a DDoS attack, attackers first infect multiple systems, w...
- Question 15: An incident is analyzed for its nature, intensity and its ef...
- Question 16: Except for some common roles, the roles in an IRT are distin...
- Question 17: They type of attack that prevents the authorized users to ac...
- Question 18: Multiple component incidents consist of a combination of two...
- Question 19: An organization faced an information security incident where...
- Question 20: In which of the steps of NIST's risk assessment methodology ...
- Question 21: Organizations or incident response teams need to protect the...
- Question 22: The service organization that provides 24x7 computer securit...
- Question 23: Which of the following incident recovery testing methods wor...
- Question 24: An information security incident is...
- Question 25: According to the Fourth Amendment of USA PATRIOT Act of 2001...
- Question 26: The left over risk after implementing a control is called:...
- Question 27: An audit trail policy collects all audit trails such as seri...
- Question 28: Business continuity is defined as the ability of an organiza...
- Question 29: A malware code that infects computer files, corrupts or dele...
- Question 30: An estimation of the expected losses after an incident helps...
- Question 31: A security policy will take the form of a document or a coll...
- Question 32: A malware code that infects computer files, corrupts or dele...
- Question 33: The policy that defines which set of events needs to be logg...
- Question 34: Which of the following is an incident tracking, reporting an...
- Question 35: A methodical series of techniques and procedures for gatheri...
- Question 36: The flow chart gives a view of different roles played by the...
- Question 37: Which test is conducted to determine the incident recovery p...
- Question 38: CERT members can provide critical support services to first ...
- Question 39: Identify the malicious program that is masked as a genuine h...
- Question 40: Authorized users with privileged access who misuse the corpo...
- Question 41: A self-replicating malicious code that does not alter files ...
- Question 42: According to the Evidence Preservation policy, a forensic in...
- Question 43: Identify a standard national process which establishes a set...
- Question 44: Contingency planning enables organizations to develop and ma...
- Question 45: A software application in which advertising banners are disp...
- Question 46: A distributed Denial of Service (DDoS) attack is a more comm...
- Question 47: The person who offers his formal opinion as a testimony abou...
- Question 48: The free, open source, TCP/IP protocol analyzer, sniffer and...
- Question 49: The correct order or sequence of the Computer Forensic proce...
- Question 50: They type of attack that prevents the authorized users to ac...
- Question 51: Which policy recommends controls for securing and tracking o...
- Question 52: Computer forensics is methodical series of techniques and pr...
- Question 53: What is the best staffing model for an incident response tea...
- Question 54: Which among the following CERTs is an Internet provider to h...
- Question 55: An information security policy must be:...
- Question 56: An incident is analyzed for its nature, intensity and its ef...
- Question 57: Identify a standard national process which establishes a set...
- Question 58: To recover, analyze, and preserve computer and related mater...
- Question 59: US-CERT and Federal civilian agencies use the reporting time...
- Question 60: Risk management consists of three processes, risk assessment...
- Question 61: A self-replicating malicious code that does not alter files ...
- Question 62: Incident response team must adhere to the following:...
- Question 63: The free, open source, TCP/IP protocol analyzer, sniffer and...
- Question 64: One of the goals of CSIRT is to manage security problems by ...
- Question 65: Policies are designed to protect the organizational resource...
- Question 66: If the loss anticipated is greater than the agreed upon thre...
- Question 67: Insider threats can be detected by observing concerning beha...
- Question 68: Insider threats can be detected by observing concerning beha...
- Question 69: Digital evidence must:
- Question 70: What is the best staffing model for an incident response tea...
- Question 71: Bit stream image copy of the digital evidence must be perfor...
