Eccouncil 312-39 Exam Practice Test Instant Access

Question 1

Which of the following service provides phishing protection and content filtering to manage the Internet experience on and off your network with the acceptable use or compliance policies?

AApility.io

BMalstrom

COpenDNS

DI-Blocklist

Answer : C

Question 2

Which of the following is a correct flow of the stages in an incident handling and response (IH&R) process?

AContainment --> Incident Recording --> Incident Triage --> Preparation --> Recovery --> Eradication --> Post-Incident Activities

BPreparation --> Incident Recording --> Incident Triage --> Containment --> Eradication --> Recovery --> Post-Incident Activities

CIncident Triage --> Eradication --> Containment --> Incident Recording --> Preparation --> Recovery --> Post-Incident Activities

DIncident Recording --> Preparation --> Containment --> Incident Triage --> Recovery --> Eradication --> Post-Incident Activities

Answer : B

Question 3

Mike is an incident handler for PNP Infosystems Inc. One day, there was a ticket raised regarding a critical incident and Mike was assigned to handle the incident. During the process of incident handling, at one stage, he has performed incident analysis and validation to check whether the incident is a true incident or a false positive.

Identify the stage in which he is currently in.

APost-Incident Activities

BIncident Recording and Assignment

CIncident Triage

DIncident Disclosure

Answer : C

Question 4

What does [-n] in the following checkpoint firewall log syntax represents?

fw log [-f [-t]] [-n] [-l] [-o] [-c action] [-h host] [-s starttime] [-e endtime] [-b starttime endtime] [-u unification_scheme_file] [-m unification_mode(initial|semi|raw)] [-a] [-k (alert name|all)] [-g] [logfile]

ASpeed up the process by not performing IP addresses DNS resolution in the Log files

BDisplay both the date and the time for each log record

CDisplay account log records only

DDisplay detailed log chains (all the log segments a log record consists of)

Answer : A

Question 5

What does the Security Log Event ID 4624 of Windows 10 indicate?

AService added to the endpoint

BA share was assessed

CAn account was successfully logged on

DNew process executed

Answer : C

Question 6

Which of the following Windows Event Id will help you monitors file sharing across the network?

A7045

B4625

C5140

D4624

Answer : C

Question 7

Jane, a security analyst, while analyzing IDS logs, detected an event matching Regex /((\%3C)|<)((\%69)|i|(\% 49))((\%6D)|m|(\%4D))((\%67)|g|(\%47))[^\n]+((\%3E)|>)/|.

What does this event log indicate?

ADirectory Traversal Attack

BParameter Tampering Attack

CXSS Attack

DSQL Injection Attack

Answer : C

%253C)%7C<)((%5C%2569)%7Ci%7C(%5C%2549))((%5C%256D)%7Cm%7C(%5C%254D))((%5C% 2567)%7Cg%7C(%5C%2547))%5B%5E%5Cn%5D%2B((%5C%253E)%7C>)/%

7C&source=bl&ots=kOBHNfJmtq&sig=ACfU3U2CG_hELc1HMb1chdc9OS4ooXPlMg&hl=en&sa=X&ved=2ah UKEwjYwJmlt_buAhUFShUIHTBNAs8Q6AEwBXoECAUQAw#v=onepage&q&f=false

Eccouncil 312-39 Certified SOC Analyst Exam Practice Test