EC-Council 312-39 Certified SOC Analyst Exam Practice Test

Page: 1 / 14
Total 100 questions
Question 1

Charline is working as an L2 SOC Analyst. One day, an L1 SOC Analyst escalated an incident to her for further investigation and confirmation. After a thorough investigation, Charline confirmed the incident and assigned it an initial priority.

What would be her next action according to the SOC workflow?



Answer : D


Question 2

Which of the following data sources will a SOC Analyst use to monitor connections to insecure ports?



Answer : A


Question 3

Which of the following steps of the incident handling and response process focuses on limiting the scope and extent of an incident?



Answer : A


Question 4

Peter, a SOC analyst with Spade Systems, is monitoring and analyzing the company's router logs and wants to check the logs generated by the access control list numbered 210.

What filter should Peter add to the 'show logging' command to get the required output?



Answer : C


Question 5

Rinni, a SOC analyst, detected the events shown in the figure below while monitoring IDS logs.

What does this event log indicate?



Answer : D


Question 6

Wesley is an incident handler at a company named Maddison Tech. One day, he was learning techniques for eradicating insecure deserialization attacks.

Which of the following should Wesley avoid considering?



Answer : C


Question 7

What is the correct sequence of the SOC workflow?



Answer : D

