
ECCouncil 312-85 Daily Practice Exam New 2022 Updated 50 Questions
NEW QUESTION 29
What is the correct sequence of steps involved in scheduling a threat intelligence program?
1. Review the project charter
2. Identify all deliverables
3. Identify the sequence of activities
4. Identify task dependencies
5. Develop the final schedule
6. Estimate duration of each activity
7. Identify and estimate resources for all activities
8. Define all activities
9. Build a work breakdown structure (WBS)
- A. 1-->9-->2-->8-->3-->7-->4-->6-->5
- B. 1-->2-->3-->4-->5-->6-->7-->8-->9
- C. 1-->2-->3-->4-->5-->6-->9-->8-->7
- D. 3-->4-->5-->2-->1-->9-->8-->7-->6
Answer: A
NEW QUESTION 30
An attacker instructs bots to use a camouflage mechanism to hide his phishing and malware delivery locations in the rapidly changing network of compromised bots. In this particular technique, a single domain name consists of multiple IP addresses.
Which of the following techniques is used by the attacker?
- A. Fast-Flux DNS
- B. Dynamic DNS
- C. DNS interrogation
- D. DNS zone transfer
Answer: A
NEW QUESTION 31
Mr. Bob, a threat analyst, is performing analysis of competing hypotheses (ACH). He has reached a stage where he is required to apply his analysis skills effectively to reject as many hypotheses as possible and select the best hypotheses from the identified set, with the help of the listed evidence. Then, he prepares a matrix where all the screened hypotheses are placed on the top, and the listed evidence for the hypotheses is placed at the bottom.
What stage of ACH is Bob currently in?
- A. Diagnostics
- B. Inconsistency
- C. Refinement
- D. Evidence
Answer: A
NEW QUESTION 32
Alison, an analyst in an XYZ organization, wants to retrieve information about a company's website from the time of its inception as well as the removed information from the target website.
What should Alison do to get the information he needs?
- A. Alison should run the Web Data Extractor tool to extract the required website information.
- B. Alison should recover cached pages of the website from the Google search engine cache to extract the required website information.
- C. Alison should use https://archive.org to extract the required website information.
- D. Alison should use SmartWhois to extract the required website information.
Answer: A
NEW QUESTION 33
Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated their organizational network and used a data staging technique to collect sensitive data. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information, and so on.
What should Jim do to detect the data staging before the hackers exfiltrate from the network?
- A. Jim should identify the attack at an initial stage by checking the content of the user agent field.
- B. Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.
- C. Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.
- D. Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.
Answer: C
NEW QUESTION 34
Which of the following types of threat attribution deals with the identification of the specific person, society, or country sponsoring a well-planned and executed intrusion or attack on its target?
- A. True attribution
- B. Nation-state attribution
- C. Intrusion-set attribution
- D. Campaign attribution
Answer: A
NEW QUESTION 35
In a team of threat analysts, two individuals were competing over projecting their own hypotheses on a given malware. However, to find logical proofs to confirm their hypotheses, the threat intelligence manager used a de-biasing strategy that involves learning strategic decision making in circumstances comprising multistep interactions with numerous representatives, either with or without perfect relevant information.
Which of the following de-biasing strategies did the threat intelligence manager use to confirm their hypotheses?
- A. Cognitive psychology
- B. Decision theory
- C. Game theory
- D. Machine learning
Answer: B
NEW QUESTION 36
ABC is a well-established cyber-security company in the United States. The organization implemented the automation of tasks such as data enrichment and indicator aggregation. They also joined various communities to increase their knowledge about the emerging threats. However, the security teams can only detect and prevent identified threats in a reactive approach.
Based on the threat intelligence maturity model, identify the level of ABC to know the stage at which the organization stands with its security and vulnerabilities.
- A. Level 1: preparing for CTI
- B. Level 2: increasing CTI capabilities
- C. Level 0: vague where to start
- D. Level 3: CTI program in place
Answer: B
NEW QUESTION 37
Walter and Sons Company has faced major cyber attacks and lost confidential data. The company has decided to concentrate more on security rather than other resources. Therefore, they hired Alice, a threat analyst, to perform data analysis. Alice was asked to perform qualitative data analysis to extract useful information from collected bulk data.
Which of the following techniques will help Alice to perform qualitative data analysis?
- A. Regression analysis, variance analysis, and so on
- B. Brainstorming, interviewing, SWOT analysis, Delphi technique, and so on
- C. Finding links between data and discovering threat-related information
- D. Numerical calculations, statistical modeling, measurement, research, and so on.
Answer: B
NEW QUESTION 38
Kim, an analyst, is looking for an intelligence-sharing platform to gather and share threat information from a variety of sources. He wants to use this information to develop security policies to enhance the overall security posture of his organization.
Which of the following sharing platforms should be used by Kim?
- A. Blueliv threat exchange network
- B. OmniPeek
- C. Cuckoo sandbox
- D. PortDroid network analysis
Answer: A
NEW QUESTION 39
Alice, an analyst, shared information with security operation managers and network operations center (NOC) staff for protecting the organizational resources against various threats. Information shared by Alice was highly technical and included threat actor TTPs, malware campaigns, tools used by threat actors, and so on.
Which of the following types of threat intelligence was shared by Alice?
- A. Technical threat intelligence
- B. Tactical threat intelligence
- C. Strategic threat intelligence
- D. Operational threat intelligence
Answer: A
NEW QUESTION 40
During the process of threat intelligence analysis, John, a threat analyst, successfully extracted an indication of the adversary's information, such as modus operandi, tools, communication channels, and forensics evasion strategies used by adversaries.
Identify the type of threat intelligence analysis performed by John.
- A. Strategic threat intelligence analysis
- B. Technical threat intelligence analysis
- C. Operational threat intelligence analysis
- D. Tactical threat intelligence analysis
Answer: D
NEW QUESTION 41
Tim is working as an analyst in an ABC organization. His organization had been facing many challenges in converting the raw threat intelligence data into meaningful contextual information. After inspection, he found that it was due to noise obtained from misrepresentation of data from huge data collections. Hence, it is important to clean the data before performing data analysis using techniques such as data reduction. He needs to choose an appropriate threat intelligence framework that automatically performs data collection, filtering, and analysis for his organization.
Which of the following threat intelligence frameworks should he choose to perform such a task?
- A. TC complete
- B. SIGVERIF
- C. Threat grid
- D. HighCharts
Answer: A
NEW QUESTION 42
In which of the following storage architectures is the data stored in a localized system, server, or storage hardware, capable of storing a limited amount of data in its database, and locally available for data usage?
- A. Object-based storage
- B. Distributed storage
- C. Centralized storage
- D. Cloud storage
Answer: A
NEW QUESTION 43
Henry, a threat intelligence analyst at ABC Inc., is working on a threat intelligence program. He was assigned to work on establishing criteria for prioritization of intelligence needs and requirements.
Which of the following considerations must be employed by Henry to prioritize intelligence requirements?
- A. Produce actionable data
- B. Develop a collection plan
- C. Understand data reliability
- D. Understand frequency and impact of a threat
Answer: D
NEW QUESTION 44
A threat analyst obtains intelligence related to a threat, where the data is sent in the form of a connection request from a remote host to the server. From this data, he obtains only the IP address of the source and destination but no contextual information. While processing this data, he obtains contextual information stating that multiple connection requests from different geo-locations are received by the server within a short time span, and as a result, the server is stressed and its performance has gradually reduced. He further performs analysis on the information based on past and present experience and concludes the attack experienced by the client organization.
Which of the following attacks is performed on the client organization?
- A. Bandwidth attack
- B. DHCP attacks
- C. MAC spoofing attack
- D. Distributed Denial-of-Service (DDoS) attack
Answer: D
NEW QUESTION 45
In which of the following forms of bulk data collection are large amounts of data first collected from multiple sources in multiple formats and then processed to achieve threat intelligence?
- A. Production form
- B. Structured form
- C. Unstructured form
- D. Hybrid form
Answer: C
NEW QUESTION 46
An analyst is conducting threat intelligence analysis in a client organization, and during the information gathering process, he gathered information from publicly available sources and analyzed it to obtain a rich, useful form of intelligence. The information source that he used is primarily used for national security, law enforcement, and for collecting intelligence required for business or strategic decision making.
Which of the following sources of intelligence did the analyst use to collect information?
- A. SIGINT
- B. OSINT
- C. ISAC
- D. OPSEC
Answer: B