EC-COUNCIL 312-39 Actual Free Exam Questions & Community Discussion
According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low and the impact of that attack is major?
Correct Answer: B
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Charline is working as an L2 SOC Analyst. One day, an L1 SOC Analyst escalated an incident to her for furtherinvestigation and confirmation. Charline, after a thorough investigation, confirmed the incident and assigned it with an initial priority.
What would be her next action according to the SOC workflow?
What would be her next action according to the SOC workflow?
Correct Answer: B
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
The Security Operations Center (SOC) team is investigating a suspected malware incident during the Analysis Phase of their incident response process. Their primary goal is to validate the initial detection, ensure the threat is real, and gather critical intelligence to understand the scope of the attack. Which action should the SOC team take to confirm initial findings and eliminate false alarms?
Correct Answer: D
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Which of the following threat intelligence helps cyber securityprofessionals such as security operations managers, network operations center and incident responders to understand how the adversaries are expected to perform the attack on the organization, and the technical capabilities and goals of the attackers along with the attack vectors?
Correct Answer: C
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
According to the Risk Matrix table, what will be the risk level when the probability of an attack is very high, and the impact of that attack is major?
NOTE: It is mandatory to answer the question before proceeding to the next one.
NOTE: It is mandatory to answer the question before proceeding to the next one.
Correct Answer: C
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
If the SIEM generates the following four alerts at the same time:
I.Firewall blocking traffic fromgetting into the network alerts
II.SQL injection attempt alerts
III.Data deletion attempt alerts
IV.Brute-force attempt alerts
Which alert should be given least priority as per effective alert triaging?
I.Firewall blocking traffic fromgetting into the network alerts
II.SQL injection attempt alerts
III.Data deletion attempt alerts
IV.Brute-force attempt alerts
Which alert should be given least priority as per effective alert triaging?
Correct Answer: B
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Sarah Chen is a Level 1 SOC analyst at Centex Healthcare. The SOC detected a potential data breach involving unauthorized access to patient records. Multiple departments need constant updates: Legal needs HIPAA compliance implications, HR needs to coordinate staff training responses, and the MSSP requires technical details to assist containment. Which role serves as the central point of communication between these stakeholders?
Correct Answer: B
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Which of the following is a set of standard guidelines for ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection?
Correct Answer: A
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
David is a SOC analyst responsible for monitoring critical infrastructure. He detects unauthorized applications running on a high-privilege Windows server accessible only by a restricted set of users. The applications were not part of approved deployments, and installations occurred outside business hours. Logs indicate potential system configuration changes around the same timeframe. Which log should he examine to determine when and how these installations occurred?
Correct Answer: B
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Jackson & Co., a mid-sized law firm, is concerned about web-based cyber threats. The IT team implements a solution that serves as an intermediary for all HTTP and HTTPS requests. This allows the SOC to inspect, filter, and control web traffic to detect and block malicious websites, phishing attempts, and other online threats before they reach users. Which containment method is the organization using to gain visibility and control over web traffic?
Correct Answer: A
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
You are part of a team of SOC analysts in a multinational organization that processes large volumes of security logs from various sources, including firewalls, IDS, and authentication servers. Your team is having difficulty detecting incidents because logs from different systems are analyzed in isolation, making it harder to link related events. What approach should you implement for future investigations to automatically match related log events based on predefined rules?
Correct Answer: B
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Chloe, a SOC analyst with Jake Tech, is checking Linux systems logs. She is investigating files at /var/log/ wtmp.
What Chloe is looking at?
What Chloe is looking at?
Correct Answer: D
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
An organization is implementing and deploying the SIEM with following capabilities.

What kind of SIEM deployment architecture the organization is planning to implement?

What kind of SIEM deployment architecture the organization is planning to implement?
Correct Answer: C
Vote an answer
0
0
0
10
