Eccouncil 312-39 Certified SOC Analyst Exam Practice Test

Page: 1 / 14
Total 100 questions
Question 1

Which of the following steps of the incident handling and response process focuses on limiting the scope and extent of an incident?



Answer : A


Question 2

Identify the attack in which an attacker tries to discover all possible information about a target network before launching a further attack.



Answer : D


Question 3

In which phase of Lockheed Martin's Cyber Kill Chain Methodology does the adversary create a deliverable malicious payload using an exploit and a backdoor?



Answer : C


Question 4

What do the HTTP status codes 1XX represent?



Answer : A


Question 5

Which of the following is a set of standard guidelines for ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection?



Answer : C


Question 6

Harley is working as a SOC analyst with Powell Tech. Powell Inc. is using Internet Information Service (IIS) version 7.0 to host their website.

Where will Harley find the web server logs, if he wants to investigate them for any anomalies?



Answer : A


Question 7

John, a SOC analyst, wants to monitor attempted process creation activities from any of their Windows endpoints.

Which of the following Splunk queries will help him fetch the logs associated with process creation?



Answer : B


t/5a3187b4419202f0fb8b2dd1/1513195444728/Windows+Splunk+Logging+Cheat+Sheet+v2.2.pdf
