Eccouncil 312-39 Exam Practice Test Instant Access

Question 1

Which of the following service provides phishing protection and content filtering to manage the Internet experience on and off your network with the acceptable use or compliance policies?

AApility.io

BMalstrom

COpenDNS

DI-Blocklist

Answer : C

Question 2

Which of the following is a correct flow of the stages in an incident handling and response (IH&R) process?

AContainment --> Incident Recording --> Incident Triage --> Preparation --> Recovery --> Eradication --> Post-Incident Activities

BPreparation --> Incident Recording --> Incident Triage --> Containment --> Eradication --> Recovery --> Post-Incident Activities

CIncident Triage --> Eradication --> Containment --> Incident Recording --> Preparation --> Recovery --> Post-Incident Activities

DIncident Recording --> Preparation --> Containment --> Incident Triage --> Recovery --> Eradication --> Post-Incident Activities

Answer : B

Question 3

Mike is an incident handler for PNP Infosystems Inc. One day, there was a ticket raised regarding a critical incident and Mike was assigned to handle the incident. During the process of incident handling, at one stage, he has performed incident analysis and validation to check whether the incident is a true incident or a false positive.

Identify the stage in which he is currently in.

APost-Incident Activities

BIncident Recording and Assignment

CIncident Triage

DIncident Disclosure

Answer : C

Question 4

What does [-n] in the following checkpoint firewall log syntax represents?

fw log [-f [-t]] [-n] [-l] [-o] [-c action] [-h host] [-s starttime] [-e endtime] [-b starttime endtime] [-u unification_scheme_file] [-m unification_mode(initial|semi|raw)] [-a] [-k (alert name|all)] [-g] [logfile]

ASpeed up the process by not performing IP addresses DNS resolution in the Log files

BDisplay both the date and the time for each log record

CDisplay account log records only

DDisplay detailed log chains (all the log segments a log record consists of)

Answer : A

Question 5

What does the Security Log Event ID 4624 of Windows 10 indicate?

AService added to the endpoint

BA share was assessed

CAn account was successfully logged on

DNew process executed

Answer : C

Question 6

Identify the type of attack, an attacker is attempting on www.example.com website.

ACross-site Scripting Attack

BSession Attack

CDenial-of-Service Attack

DSQL Injection Attack

Answer : A

Question 7

The threat intelligence, which will help you, understand adversary intent and make informed decision to ensure appropriate security in alignment with risk.

What kind of threat intelligence described above?

ATactical Threat Intelligence

BStrategic Threat Intelligence

CFunctional Threat Intelligence

DOperational Threat Intelligence

Answer : B

Eccouncil 312-39 Certified SOC Analyst Exam Practice Test