
Get EC-COUNCIL 312-39 Dumps Questions Study Exam Guide Apr 13, 2024 [Q11-Q35]


NEW QUESTION # 11
Which of the following processes refers to discarding packets at the routing level without informing the source that the data did not reach its intended recipient?

  • A. Black Hole Filtering
  • B. Rate Limiting
  • C. Load Balancing
  • D. Drop Requests

Answer: A


NEW QUESTION # 12
Which of the following is a default directory in Mac OS X that stores security-related logs?

  • A. /Library/Logs/Sync
  • B. ~/Library/Logs
  • C. /var/log/cups/access_log
  • D. /private/var/log

Answer: B


NEW QUESTION # 13
Which of the following directories will contain logs related to printer access?

  • A. /var/log/cups/Printeraccess_log file
  • B. /var/log/cups/Printer_log file
  • C. /var/log/cups/accesslog file
  • D. /var/log/cups/access_log file

Answer: B


NEW QUESTION # 14
Mike is an incident handler for PNP Infosystems Inc. One day, a ticket was raised regarding a critical incident, and Mike was assigned to handle it. At one stage of the incident handling process, he performed incident analysis and validation to check whether the incident was a true incident or a false positive.
Identify the stage he is currently in.

  • A. Incident Recording and Assignment
  • B. Post-Incident Activities
  • C. Incident Disclosure
  • D. Incident Triage

Answer: D


NEW QUESTION # 15
Which of the following Windows events is logged every time a user tries to access the "Registry" key?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: D


NEW QUESTION # 16
Rinni, a SOC analyst, detected the events shown in the figure below while monitoring IDS logs.

What does this event log indicate?

  • A. SQL Injection Attack
  • B. XSS Attack
  • C. Directory Traversal Attack
  • D. Parameter Tampering Attack

Answer: D


NEW QUESTION # 17
Jason, a SOC Analyst with Maximus Tech, was investigating Cisco ASA Firewall logs and came across the following log entry:
May 06 2018 21:27:27 asa 1: %ASA -5 - 11008: User 'enable_15' executed the 'configure term' command
What does the security level in the above log indicate?

  • A. Informational message
  • B. Critical condition message
  • C. Warning condition message
  • D. Normal but significant message

Answer: D


NEW QUESTION # 18
According to the forensics investigation process, what is the next step carried out right after collecting the evidence?

  • A. Set a Forensic lab
  • B. Call Organizational Disciplinary Team
  • C. Create a Chain of Custody Document
  • D. Send it to the nearby police station

Answer: C


NEW QUESTION # 19
Jony, a security analyst, identified the events shown in the figure below while monitoring IIS logs.

What does this event log indicate?

  • A. SQL Injection Attack
  • B. XSS Attack
  • C. Directory Traversal Attack
  • D. Parameter Tampering Attack

Answer: D


NEW QUESTION # 20
An organization is implementing and deploying a SIEM with the following capabilities.

What kind of SIEM deployment architecture is the organization planning to implement?

  • A. Cloud, MSSP Managed
  • B. Self-hosted, Jointly Managed
  • C. Self-hosted, MSSP Managed
  • D. Self-hosted, Self-Managed

Answer: D


NEW QUESTION # 21
What is the process of monitoring and capturing all data packets passing through a given network using different tools?

  • A. DNS Footprinting
  • B. Port Scanning
  • C. Network Sniffing
  • D. Network Scanning

Answer: C


NEW QUESTION # 22
Which of the following Windows events is logged every time a user tries to access the "Registry" key?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: B


NEW QUESTION # 23
Charline is working as an L2 SOC Analyst. One day, an L1 SOC Analyst escalated an incident to her for further investigation and confirmation. Charline, after a thorough investigation, confirmed the incident and assigned it with an initial priority.
What would be her next action according to the SOC workflow?

  • A. She should immediately escalate this issue to the management
  • B. She should formally raise a ticket and forward it to the IRT
  • C. She should immediately contact the network administrator to solve the problem
  • D. She should communicate this incident to the media immediately

Answer: C


NEW QUESTION # 24
Robin, a SOC engineer in a multinational company, is planning to implement a SIEM. He realized that his organization is capable of performing only Correlation, Analytics, Reporting, Retention, Alerting, and Visualization required for the SIEM implementation and has to take collection and aggregation services from a Managed Security Services Provider (MSSP).
What kind of SIEM is Robin planning to implement?

  • A. Self-hosted, Self-Managed
  • B. Cloud, Self-Managed
  • C. Hybrid Model, Jointly Managed
  • D. Self-hosted, MSSP Managed

Answer: D


NEW QUESTION # 25
Which of the following attacks causes sudden changes in file extensions or an increase in file renames at rapid speed?

  • A. DoS Attack
  • B. DHCP starvation Attack
  • C. File Injection Attack
  • D. Ransomware Attack

Answer: D


NEW QUESTION # 26
Which of the following attacks can be eradicated by using a safe API to avoid the use of the interpreter entirely?

  • A. LDAP Injection Attacks
  • B. SQL Injection Attacks
  • C. Command Injection Attacks
  • D. File Injection Attacks

Answer: B


NEW QUESTION # 27
John, a SOC analyst, while monitoring and analyzing Apache web server logs, identified an event log matching Regex /(\.|(%|%25)2E)(\.|(%|%25)2E)(\/|(%|%25)2F|\\|(%|%25)5C)/i.
What does this event log indicate?

  • A. XSS Attack
  • B. Parameter Tampering Attack
  • C. SQL injection Attack
  • D. Directory Traversal Attack

Answer: A


NEW QUESTION # 28
An organization is implementing and deploying a SIEM with the following capabilities.

What kind of SIEM deployment architecture is the organization planning to implement?

  • A. Self-hosted, Self-Managed
  • B. Self-hosted, Jointly Managed
  • C. Self-hosted, MSSP Managed
  • D. Cloud, MSSP Managed

Answer: D


NEW QUESTION # 29
Which of the following Windows Event IDs will help you monitor file sharing across the network?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: B


NEW QUESTION # 30
Identify the type of attack an attacker is attempting on the www.example.com website.

  • A. Session Attack
  • B. Cross-site Scripting Attack
  • C. SQL Injection Attack
  • D. Denial-of-Service Attack

Answer: B


NEW QUESTION # 31
Wesley is an incident handler in a company named Maddison Tech. One day, he was learning techniques for eradicating the insecure deserialization attacks.
Which of the following should Wesley avoid considering?

  • A. Allow serialization for security-sensitive classes
  • B. Deserialization of trusted data must cross a trust boundary
  • C. Validate untrusted input, which is to be serialized to ensure that serialized data contain only trusted classes
  • D. Understand the security permissions given to serialization and deserialization

Answer: A


NEW QUESTION # 32
Which one of the following is the correct flow for Setting Up a Computer Forensics Lab?

  • A. Planning and budgeting -> Physical location and structural design considerations -> Forensics lab licensing -> Human resource considerations -> Work area considerations -> Physical security recommendations
  • B. Planning and budgeting -> Physical location and structural design considerations -> Forensics lab licensing -> Work area considerations -> Human resource considerations -> Physical security recommendations
  • C. Planning and budgeting -> Forensics lab licensing -> Physical location and structural design considerations -> Work area considerations -> Physical security recommendations -> Human resource considerations
  • D. Planning and budgeting -> Physical location and structural design considerations -> Work area considerations -> Human resource considerations -> Physical security recommendations -> Forensics lab licensing

Answer: D


NEW QUESTION # 33
Which of the following tools is used to recover from a web application incident?

  • A. Symantec Secure Web Gateway
  • B. Smoothwall SWG
  • C. CrowdStrike Falcon™ Orchestrator
  • D. Proxy Workbench

Answer: C


NEW QUESTION # 34
Which of the following can help you eliminate the burden of investigating false positives?

  • A. Keeping default rules
  • B. Not trusting the security devices
  • C. Treating every alert as high level
  • D. Ingesting the context data

Answer: A


NEW QUESTION # 35
......
