Based on Official Syllabus Topics of Actual EC-COUNCIL 312-39 Exam [Q14-Q34]

Share

Based on Official Syllabus Topics of Actual EC-COUNCIL 312-39 Exam

Free 312-39 Dumps are Available for Instant Access

NEW QUESTION # 14
Which of the following are the responsibilities of SIEM Agents?
1.Collecting data received from various devices sending data to SIEM before forwarding it to the central engine.
2.Normalizing data received from various devices sending data to SIEM before forwarding it to the central engine.
3.Co-relating data received from various devices sending data to SIEM before forwarding it to the central engine.
4.Visualizing data received from various devices sending data to SIEM before forwarding it to the central engine.

  • A. 1 and 2
  • B. 1 and 4
  • C. 3 and 1
  • D. 2 and 3

Answer: B


NEW QUESTION # 15
Which of the following factors determine the choice of SIEM architecture?

  • A. DHCP Configuration
  • B. Network Topology
  • C. DNS Configuration
  • D. SMTP Configuration

Answer: B

Explanation:


NEW QUESTION # 16
Which attack works like a dictionary attack, but adds some numbers and symbols to the words from the dictionary and tries to crack the password?

  • A. Birthday Attack
  • B. Hybrid Attack
  • C. Bruteforce Attack
  • D. Rainbow Table Attack

Answer: C


NEW QUESTION # 17
The Syslog message severity levels are labelled from level 0 to level 7.
What does level 0 indicate?

  • A. Emergency
  • B. Alert
  • C. Notification
  • D. Debugging

Answer: C


NEW QUESTION # 18
Which of the following framework describes the essential characteristics of an organization's security engineering process that must exist to ensure good security engineering?

  • A. ITIL
  • B. SSE-CMM
  • C. SOC-CMM
  • D. COBIT

Answer: B


NEW QUESTION # 19
What is the correct sequence of SOC Workflow?

  • A. Collect, Ingest, Document, Validate, Report, Respond
  • B. Collect, Respond, Validate, Ingest, Report, Document
  • C. Collect, Ingest, Validate, Report, Respond, Document
  • D. Collect, Ingest, Validate, Document, Report, Respond

Answer: D


NEW QUESTION # 20
Chloe, a SOC analyst with Jake Tech, is checking Linux systems logs. She is investigating files at /var/log/ wtmp.
What Chloe is looking at?

  • A. Error log
  • B. General message and system-related stuff
  • C. System boot log
  • D. Login records

Answer: D


NEW QUESTION # 21
A type of threat intelligent that find out the information about the attacker by misleading them is known as
.

  • A. Detection Threat Intelligence
  • B. Operational Intelligence
  • C. Threat trending Intelligence
  • D. Counter Intelligence

Answer: B


NEW QUESTION # 22
Which of the following tool is used to recover from web application incident?

  • A. CrowdStrike FalconTM Orchestrator
  • B. Symantec Secure Web Gateway
  • C. Proxy Workbench
  • D. Smoothwall SWG

Answer: B


NEW QUESTION # 23
Which of the following attack can be eradicated by filtering improper XML syntax?

  • A. SQL Injection Attacks
  • B. Insufficient Logging and Monitoring Attacks
  • C. CAPTCHA Attacks
  • D. Web Services Attacks

Answer: A


NEW QUESTION # 24
According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low and the impact of that attack is major?

  • A. Low
  • B. Medium
  • C. Extreme
  • D. High

Answer: A


NEW QUESTION # 25
InfoSystem LLC, a US-based company, is establishing an in-house SOC. John has been given the responsibility to finalize strategy, policies, and procedures for the SOC.
Identify the job role of John.

  • A. Security Analyst - L1
  • B. Security Analyst - L2
  • C. Security Engineer
  • D. Chief Information Security Officer (CISO)

Answer: D


NEW QUESTION # 26
Which of the following attack can be eradicated by using a safe API to avoid the use of the interpreter entirely?

  • A. SQL Injection Attacks
  • B. Command Injection Attacks
  • C. File Injection Attacks
  • D. LDAP Injection Attacks

Answer: B

Explanation:


NEW QUESTION # 27
Which of the following can help you eliminate the burden of investigating false positives?

  • A. Ingesting the context data
  • B. Not trusting the security devices
  • C. Keeping default rules
  • D. Treating every alert as high level

Answer: A

Explanation:


NEW QUESTION # 28
The Syslog message severity levels are labelled from level 0 to level 7.
What does level 0 indicate?

  • A. Alert
  • B. Notification
  • C. Emergency
  • D. Debugging

Answer: C

Explanation:


NEW QUESTION # 29
Which of the following event detection techniques uses User and Entity Behavior Analytics (UEBA)?

  • A. Heuristic-based detection
  • B. Rule-based detection
  • C. Signature-based detection
  • D. Anomaly-based detection

Answer: D


NEW QUESTION # 30
Which of the following contains the performance measures, and proper project and time management details?

  • A. Incident Response Policy
  • B. Incident Response Process
  • C. Incident Response Tactics
  • D. Incident Response Procedures

Answer: D


NEW QUESTION # 31
Which of the following is a Threat Intelligence Platform?

  • A. TC Complete
  • B. Keepnote
  • C. SolarWinds MS
  • D. Apility.io

Answer: C


NEW QUESTION # 32
In which log collection mechanism, the system or application sends log records either on the local disk or over the network.

  • A. signature-based
  • B. rule-based
  • C. push-based
  • D. pull-based

Answer: B


NEW QUESTION # 33
Which of the following fields in Windows logs defines the type of event occurred, such as Correlation Hint, Response Time, SQM, WDI Context, and so on?

  • A. Level
  • B. Keywords
  • C. Task Category
  • D. Source

Answer: B


NEW QUESTION # 34
......


To be eligible for the exam, candidates must have at least two years of experience in information security and possess a strong understanding of networking, operating systems, and cybersecurity fundamentals. 312-39 exam consists of 100 multiple-choice questions and must be completed within three hours. Passing the exam requires a minimum score of 70%.

 

The Most In-Demand 312-39 Pass Guaranteed Quiz : https://www.validbraindumps.com/312-39-exam-prep.html

View All 312-39 Actual Exam Questions Answers and Explanations for Free: https://drive.google.com/open?id=1NlVk4AbkJ0MGRmWg1Nx4tgjCL4Cmqe2B