ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 212-89 All Questions

View all questions & answers for the 212-89 exam
Go to Exam

Exam 212-89 topic 1 question 4 discussion

Actual exam question from ECCouncil's 212-89
Question #: 4
Topic #: 1
[All 212-89 Questions]

An organization faced an information security incident where a disgruntled employee passed sensitive access control information to a competitor. The organization's incident response manager, upon investigation, found that the incident must be handled within a few hours on the same day to maintain business continuity and market competitiveness. How would you categorize such information security incident?

  • A. High level incident
  • B. Middle level incident
  • C. Ultra-High level incident
  • D. Low level incident
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by bung1 at Jan. 23, 2021, 7:40 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Conkerzin
8 months, 1 week ago
Anyone did the exam recently and can tell if these questions are enough to pass?
upvoted 1 times
...
Mr_Cheese42
1 year ago
Answer should definitely be a middle level incident.
upvoted 2 times
...
ArusReator
1 year, 3 months ago
Selected Answer: B
answer :B Middle Level incidents(Mudule02 P230) Unfriendly employee terminatiom unauthorized storing and processing of data personal theft of data related to a computer incident
upvoted 3 times
...
Boats
1 year, 6 months ago
Selected Answer: B
Module 2 Page 231
upvoted 1 times
...
Giabas
1 year, 9 months ago
Selected Answer: B
"within few hours" = mid-level
upvoted 2 times
...
lordosiris
2 years, 4 months ago
Are these answers and questions legit ?
upvoted 1 times
...
s3curity01
2 years, 5 months ago
I'm torn between High level and middle level. Question doesnt sound that urgent though. For all we know, that sensitive access control information that was passed doesn't have access to all critical information, and only to few ones. In that case, I'm thinking its only middle level since it is expected to be resolved within a few hours on the same day. If it is expected to be resolved as urgently as possible, then my answer would be High level. What do you guys think?
upvoted 3 times
...
s3curity00
2 years, 5 months ago
I think B is correct. Keyword is that it should be addressed within a few hours. Passing sensitive access control information can lead to unauthorized access to systems, data storing and processing, and theft of data which are all symptoms of Middle Level incident. If categorized as High level, then it should be resolved as soon as possible.
upvoted 1 times
...
linhy
2 years, 5 months ago
Answer B (Middle level Incident) - page 233 Middle-level Incidents Middle-level incidents are more severe events that pose a moderate threat to an organization. Such incidents require further investigation by incident handlers to analyze their impact and severity. These incidents can result in a false positive and may interrupt organizational operations to some extent. It is essential for incident handlers to handle such incidents within few hours of their detection. During middle-level incidents, organizations may be unable to provide essential services to a group of system users for a certain period of time; this may be slightly inconvenient for customers.
upvoted 1 times
...
Sabalii
2 years, 9 months ago
Answer B (Middle level Incident) Module 2 - Page 231 {"It is essential for the incidents to be addressed within a few hours of their occurrence" }
upvoted 3 times
...
Michela2020
3 years, 1 month ago
Middle level incident
upvoted 1 times
...
s3curity1
3 years, 4 months ago
This is high level incident since it poses a threat which may lead to bad name of the organization, right?
upvoted 1 times
...
bung1
3 years, 11 months ago
Answer is High level Incident
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel