リリースEC-COUNCIL 312-39更新された問題PDF
312-39問題集と練習テスト(102試験問題)
質問 # 31
A type of threat intelligent that find out the information about the attacker by misleading them is known as
.
- A. Threat trending Intelligence
- B. Detection Threat Intelligence
- C. Operational Intelligence
- D. Counter Intelligence
正解:D
解説:
質問 # 32
Wesley is an incident handler in a company named Maddison Tech. One day, he was learning techniques for eradicating the insecure deserialization attacks.
What among the following should Wesley avoid from considering?
- A. Validate untrusted input, which is to be serialized to ensure that serialized data contain only trusted classes
- B. Allow serialization for security-sensitive classes
- C. Understand the security permissions given to serialization and deserialization
- D. Deserialization of trusted data must cross a trust boundary
正解:B
質問 # 33
John as a SOC analyst is worried about the amount of Tor traffic hitting the network. He wants to prepare a dashboard in the SIEM to get a graph to identify the locations from where the TOR traffic is coming.
Which of the following data source will he use to prepare the dashboard?
- A. DNS/ Web Server logs with IP addresses.
- B. DHCP/Logs capable of maintaining IP addresses or hostnames with IPtoName resolution.
- C. IIS/Web Server logs with IP addresses and user agent IPtouseragent resolution.
- D. Apache/ Web Server logs with IP addresses and Host Name.
正解:D
質問 # 34
Which of the following is a report writing tool that will help incident handlers to generate efficient reports on detected incidents during incident response process?
- A. MagicTree
- B. Malstrom
- C. threat_note
- D. IntelMQ
正解:D
質問 # 35
Identify the HTTP status codes that represents the server error.
- A. 5XX
- B. 2XX
- C. 1XX
- D. 4XX
正解:A
質問 # 36
Which of the following directory will contain logs related to printer access?
- A. /var/log/cups/access_log file
- B. /var/log/cups/Printer_log file
- C. /var/log/cups/accesslog file
- D. /var/log/cups/Printeraccess_log file
正解:A
解説:
Explanation
Graphical user interface Description automatically generated with low confidence
質問 # 37
In which phase of Lockheed Martin's - Cyber Kill Chain Methodology, adversary creates a deliverable malicious payload using an exploit and a backdoor?
- A. Weaponization
- B. Exploitation
- C. Reconnaissance
- D. Delivery
正解:D
質問 # 38
According to the Risk Matrix table, what will be the risk level when the probability of an attack is very high, and the impact of that attack is major?
NOTE: It is mandatory to answer the question before proceeding to the next one.
- A. Low
- B. Extreme
- C. Medium
- D. High
正解:D
質問 # 39
The Syslog message severity levels are labelled from level 0 to level 7.
What does level 0 indicate?
- A. Emergency
- B. Debugging
- C. Notification
- D. Alert
正解:C
質問 # 40
Chloe, a SOC analyst with Jake Tech, is checking Linux systems logs. She is investigating files at /var/log/ wtmp.
What Chloe is looking at?
- A. System boot log
- B. Error log
- C. General message and system-related stuff
- D. Login records
正解:D
質問 # 41
Rinni, SOC analyst, while monitoring IDS logs detected events shown in the figure below.
What does this event log indicate?
- A. SQL Injection Attack
- B. Parameter Tampering Attack
- C. XSS Attack
- D. Directory Traversal Attack
正解:B
質問 # 42
An organization is implementing and deploying the SIEM with following capabilities.
What kind of SIEM deployment architecture the organization is planning to implement?
- A. Self-hosted, Jointly Managed
- B. Cloud, MSSP Managed
- C. Self-hosted, MSSP Managed
- D. Self-hosted, Self-Managed
正解:B
質問 # 43
Which of the log storage method arranges event logs in the form of a circular buffer?
- A. LIFO
- B. wrapping
- C. non-wrapping
- D. FIFO
正解:D
質問 # 44
Banter is a threat analyst in Christine Group of Industries. As a part of the job, he is currently formatting and structuring the raw data.
He is at which stage of the threat intelligence life cycle?
- A. Dissemination and Integration
- B. Processing and Exploitation
- C. Collection
- D. Analysis and Production
正解:B
質問 # 45
In which phase of Lockheed Martin's - Cyber Kill Chain Methodology, adversary creates a deliverable malicious payload using an exploit and a backdoor?
- A. Delivery
- B. Exploitation
- C. Reconnaissance
- D. Weaponization
正解:D
解説:
質問 # 46
Which of the following is a Threat Intelligence Platform?
- A. Keepnote
- B. SolarWinds MS
- C. TC Complete
- D. Apility.io
正解:C
解説:
質問 # 47
Jane, a security analyst, while analyzing IDS logs, detected an event matching Regex /((\%3C)|<)((\%69)|i|(\%
49))((\%6D)|m|(\%4D))((\%67)|g|(\%47))[^\n]+((\%3E)|>)/|.
What does this event log indicate?
- A. Parameter Tampering Attack
- B. SQL Injection Attack
- C. XSS Attack
- D. Directory Traversal Attack
正解:C
質問 # 48
What type of event is recorded when an application driver loads successfully in Windows?
- A. Error
- B. Warning
- C. Information
- D. Success Audit
正解:C
質問 # 49
......
312-39試験問題集合格させるのは更新されたのは2023年年最新の認証済み試験問題:https://jp.fast2test.com/312-39-premium-file.html
ガイド(2023年最新)実際のEC-COUNCIL 312-39試験問題:https://drive.google.com/open?id=1wEcx3MNdxfIzAjUW0uetusMkj1KtPth-