Tested & Approved 312-39 Study Materials Download Free Updated 102 Questions [Q33-Q53]

Share

Tested & Approved 312-39 Study Materials Download Free Updated 102 Questions

Regular Free Updates 312-39 Dumps Real Exam Questions Test Engine

NEW QUESTION # 33
According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low and the impact of that attack is major?

  • A. Medium
  • B. High
  • C. Low
  • D. Extreme

Answer: C


NEW QUESTION # 34
John, a SOC analyst, while monitoring and analyzing Apache web server logs, identified an event log matching Regex /(\.|(%|%25)2E)(\.|(%|%25)2E)(\/|(%|%25)2F|\\|(%|%25)5C)/i.
What does this event log indicate?

  • A. SQL injection Attack
  • B. Parameter Tampering Attack
  • C. Directory Traversal Attack
  • D. XSS Attack

Answer: D


NEW QUESTION # 35
Identify the attack when an attacker by several trial and error can read the contents of a password file present in the restricted etc folder just by manipulating the URL in the browser as shown:
http://www.terabytes.com/process.php./../../../../etc/passwd

  • A. Denial-of-Service Attack
  • B. Directory Traversal Attack
  • C. Form Tampering Attack
  • D. SQL Injection Attack

Answer: D


NEW QUESTION # 36
Which of the following Windows event is logged every time when a user tries to access the "Registry" key?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: A

Explanation:


NEW QUESTION # 37
Which of the following formula represents the risk levels?

  • A. Level of risk = Consequence * Impact
  • B. Level of risk = Consequence * Asset Value
  • C. Level of risk = Consequence * Likelihood
  • D. Level of risk = Consequence * Severity

Answer: C

Explanation:


NEW QUESTION # 38
Jason, a SOC Analyst with Maximus Tech, was investigating Cisco ASA Firewall logs and came across the following log entry:
May 06 2018 21:27:27 asa 1: %ASA -5 - 11008: User 'enable_15' executed the 'configure term' command What does the security level in the above log indicates?

  • A. Normal but significant message
  • B. Informational message
  • C. Warning condition message
  • D. Critical condition message

Answer: A

Explanation:


NEW QUESTION # 39
Which of the following attack inundates DHCP servers with fake DHCP requests to exhaust all available IP addresses?

  • A. DHCP Cache Poisoning
  • B. DHCP Port Stealing
  • C. DHCP Starvation Attacks
  • D. DHCP Spoofing Attack

Answer: C


NEW QUESTION # 40
Mike is an incident handler for PNP Infosystems Inc. One day, there was a ticket raised regarding a critical incident and Mike was assigned to handle the incident. During the process of incident handling, at one stage, he has performed incident analysis and validation to check whether the incident is a true incident or a false positive.
Identify the stage in which he is currently in.

  • A. Incident Disclosure
  • B. Incident Recording and Assignment
  • C. Incident Triage
  • D. Post-Incident Activities

Answer: B


NEW QUESTION # 41
John, a threat analyst at GreenTech Solutions, wants to gather information about specific threats against the organization. He started collecting information from various sources, such as humans, social media, chat room, and so on, and created a report that contains malicious activity.
Which of the following types of threat intelligence did he use?

  • A. Operational Threat Intelligence
  • B. Tactical Threat Intelligence
  • C. Technical Threat Intelligence
  • D. Strategic Threat Intelligence

Answer: A


NEW QUESTION # 42
Identify the password cracking attempt involving a precomputed dictionary of plaintext passwords and their corresponding hash values to crack the password.

  • A. Dictionary Attack
  • B. Rainbow Table Attack
  • C. Bruteforce Attack
  • D. Syllable Attack

Answer: A


NEW QUESTION # 43
Which of the following data source can be used to detect the traffic associated with Bad Bot User-Agents?

  • A. Router Logs
  • B. Switch Logs
  • C. Web Server Logs
  • D. Windows Event Log

Answer: C


NEW QUESTION # 44
Which of the following attack can be eradicated by converting all non-alphanumeric characters to HTML character entities before displaying the user input in search engines and forums?

  • A. XSS Attacks
  • B. Session Management Attacks
  • C. Web Services Attacks
  • D. Broken Access Control Attacks

Answer: A


NEW QUESTION # 45
Which of the following is a report writing tool that will help incident handlers to generate efficient reports on detected incidents during incident response process?

  • A. IntelMQ
  • B. MagicTree
  • C. threat_note
  • D. Malstrom

Answer: A


NEW QUESTION # 46
What type of event is recorded when an application driver loads successfully in Windows?

  • A. Success Audit
  • B. Warning
  • C. Information
  • D. Error

Answer: C


NEW QUESTION # 47
Which of the following data source will a SOC Analyst use to monitor connections to the insecure ports?

  • A. IIS Data
  • B. DNS Data
  • C. Netstat Data
  • D. DHCP Data

Answer: C


NEW QUESTION # 48
Daniel is a member of an IRT, which was started recently in a company named Mesh Tech. He wanted to find the purpose and scope of the planned incident response capabilities.
What is he looking for?

  • A. Incident Response Intelligence
  • B. Incident Response Mission
  • C. Incident Response Resources
  • D. Incident Response Vision

Answer: C


NEW QUESTION # 49
In which phase of Lockheed Martin's - Cyber Kill Chain Methodology, adversary creates a deliverable malicious payload using an exploit and a backdoor?

  • A. Reconnaissance
  • B. Exploitation
  • C. Weaponization
  • D. Delivery

Answer: C

Explanation:


NEW QUESTION # 50
Which of the following framework describes the essential characteristics of an organization's security engineering process that must exist to ensure good security engineering?

  • A. SOC-CMM
  • B. ITIL
  • C. COBIT
  • D. SSE-CMM

Answer: D


NEW QUESTION # 51
An organization is implementing and deploying the SIEM with following capabilities.

What kind of SIEM deployment architecture the organization is planning to implement?

  • A. Self-hosted, Self-Managed
  • B. Cloud, MSSP Managed
  • C. Self-hosted, Jointly Managed
  • D. Self-hosted, MSSP Managed

Answer: A

Explanation:


NEW QUESTION # 52
Which of the following factors determine the choice of SIEM architecture?

  • A. DHCP Configuration
  • B. SMTP Configuration
  • C. DNS Configuration
  • D. Network Topology

Answer: D

Explanation:


NEW QUESTION # 53
......

Pass EC-COUNCIL 312-39 Exam in First Attempt Easily: https://www.actualtestsquiz.com/312-39-test-torrent.html

Practice Test Questions Verified Answers As Experienced in the Actual Test!: https://drive.google.com/open?id=1mjznK-BvUSbOjFwp__EWnyk-dYs6brT_