
312-85 Dumps PDF New [2023] Ultimate Study Guide
312-85 Exam Dumps PDF Updated Dump from Free4Dump Guaranteed Success
ECCouncil 312-85 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
| Topic 10 |
|
NEW QUESTION 26
Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive dat a. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information and so on.
What should Jim do to detect the data staging before the hackers exfiltrate from the network?
- A. Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.
- B. Jim should identify the attack at an initial stage by checking the content of the user agent field.
- C. Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.
- D. Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.
Answer: C
NEW QUESTION 27
Steve works as an analyst in a UK-based firm. He was asked to perform network monitoring to find any evidence of compromise. During the network monitoring, he came to know that there are multiple logins from different locations in a short time span. Moreover, he also observed certain irregular log in patterns from locations where the organization does not have business relations. This resembles that somebody is trying to steal confidential information.
Which of the following key indicators of compromise does this scenario present?
- A. Unusual activity through privileged user account
- B. Geographical anomalies
- C. Unexpected patching of systems
- D. Unusual outbound network traffic
Answer: A
NEW QUESTION 28
In a team of threat analysts, two individuals were competing over projecting their own hypotheses on a given malware. However, to find logical proofs to confirm their hypotheses, the threat intelligence manager used a de-biasing strategy that involves learning strategic decision making in the circumstances comprising multistep interactions with numerous representatives, either having or without any perfect relevant information.
Which of the following de-biasing strategies the threat intelligence manager used to confirm their hypotheses?
- A. Machine learning
- B. Game theory
- C. Cognitive psychology
- D. Decision theory
Answer: B
NEW QUESTION 29
Miley, an analyst, wants to reduce the amount of collected data and make the storing and sharing process easy. She uses filtering, tagging, and queuing technique to sort out the relevant and structured data from the large amounts of unstructured data.
Which of the following techniques was employed by Miley?
- A. Data visualization
- B. Sandboxing
- C. Normalization
- D. Convenience sampling
Answer: C
NEW QUESTION 30
An attacker instructs bots to use camouflage mechanism to hide his phishing and malware delivery locations in the rapidly changing network of compromised bots. In this particular technique, a single domain name consists of multiple IP addresses.
Which of the following technique is used by the attacker?
- A. DNS interrogation
- B. Dynamic DNS
- C. Fast-Flux DNS
- D. DNS zone transfer
Answer: C
NEW QUESTION 31
Tracy works as a CISO in a large multinational company. She consumes threat intelligence to understand the changing trends of cyber security. She requires intelligence to understand the current business trends and make appropriate decisions regarding new technologies, security budget, improvement of processes, and staff. The intelligence helps her in minimizing business risks and protecting the new technology and business initiatives.
Identify the type of threat intelligence consumer is Tracy.
- A. Tactical users
- B. Technical users
- C. Strategic users
- D. Operational users
Answer: C
NEW QUESTION 32
An organization suffered many major attacks and lost critical information, such as employee records, and financial information. Therefore, the management decides to hire a threat analyst to extract the strategic threat intelligence that provides high-level information regarding current cyber-security posture, threats, details on the financial impact of various cyber-activities, and so on.
Which of the following sources will help the analyst to collect the required intelligence?
- A. Human, social media, chat rooms
- B. Campaign reports, malware, incident reports, attack group reports, human intelligence
- C. Active campaigns, attacks on other organizations, data feeds from external third parties
- D. OSINT, CTI vendors, ISAO/ISACs
Answer: D
NEW QUESTION 33
H&P, Inc. is a small-scale organization that has decided to outsource the network security monitoring due to lack of resources in the organization. They are looking for the options where they can directly incorporate threat intelligence into their existing network defense solutions.
Which of the following is the most cost-effective methods the organization can employ?
- A. Recruit managed security service providers (MSSP)
- B. Recruit data management solution provider
- C. Recruit the right talent
- D. Look for an individual within the organization
Answer: A
NEW QUESTION 34
In which of the following storage architecture is the data stored in a localized system, server, or storage hardware and capable of storing a limited amount of data in its database and locally available for data usage?
- A. Distributed storage
- B. Cloud storage
- C. Object-based storage
- D. Centralized storage
Answer: D
NEW QUESTION 35
Henry. a threat intelligence analyst at ABC Inc., is working on a threat intelligence program. He was assigned to work on establishing criteria for prioritization of intelligence needs and requirements.
Which of the following considerations must be employed by Henry to prioritize intelligence requirements?
- A. Produce actionable data
- B. Understand data reliability
- C. Understand frequency and impact of a threat
- D. Develop a collection plan
Answer: C
NEW QUESTION 36
Kathy wants to ensure that she shares threat intelligence containing sensitive information with the appropriate audience. Hence, she used traffic light protocol (TLP).
Which TLP color would you signify that information should be shared only within a particular community?
- A. Amber
- B. White
- C. Red
- D. Green
Answer: D
NEW QUESTION 37
Kim, an analyst, is looking for an intelligence-sharing platform to gather and share threat information from a variety of sources. He wants to use this information to develop security policies to enhance the overall security posture of his organization.
Which of the following sharing platforms should be used by Kim?
- A. OmniPeek
- B. Blueliv threat exchange network
- C. PortDroid network analysis
- D. Cuckoo sandbox
Answer: B
NEW QUESTION 38
Sarah is a security operations center (SOC) analyst working at JW Williams and Sons organization based in Chicago. As a part of security operations, she contacts information providers (sharing partners) for gathering information such as collections of validated and prioritized threat indicators along with a detailed technical analysis of malware samples, botnets, DDoS attack methods, and various other malicious tools. She further used the collected information at the tactical and operational levels.
Sarah obtained the required information from which of the following types of sharing partner?
- A. Providers of threat actors
- B. Providers of comprehensive cyber-threat intelligence
- C. Providers of threat data feeds
- D. Providers of threat indicators
Answer: B
NEW QUESTION 39
Which of the following components refers to a node in the network that routes the traffic from a workstation to external command and control server and helps in identification of installed malware in the network?
- A. Network interface card (NIC)
- B. Repeater
- C. Gateway
- D. Hub
Answer: C
NEW QUESTION 40
During the process of threat intelligence analysis, John, a threat analyst, successfully extracted an indication of adversary's information, such as Modus operandi, tools, communication channels, and forensics evasion strategies used by adversaries.
Identify the type of threat intelligence analysis is performed by John.
- A. Operational threat intelligence analysis
- B. Technical threat intelligence analysis
- C. Tactical threat intelligence analysis
- D. Strategic threat intelligence analysis
Answer: C
NEW QUESTION 41
......
Pass Your ECCouncil Exam with 312-85 Exam Dumps: https://www.free4dump.com/312-85-braindumps-torrent.html
312-85 Exam Dumps - ECCouncil Practice Test Questions: https://drive.google.com/open?id=1zQ6VqmoDxxByY3qICYjj9K4dnmYpH06G