Eccouncil 312-39 Exam Practice Test Instant Access

Question 1

Which of the following service provides phishing protection and content filtering to manage the Internet experience on and off your network with the acceptable use or compliance policies?

AApility.io

BMalstrom

COpenDNS

DI-Blocklist

Answer : C

Question 2

Peter, a SOC analyst with Spade Systems, is monitoring and analyzing the router logs of the company and wanted to check the logs that are generated by access control list numbered 210.

What filter should Peter add to the 'show logging' command to get the required output?

Ashow logging | access 210

Bshow logging | forward 210

Cshow logging | include 210

Dshow logging | route 210

Answer : C

Question 3

Rinni, SOC analyst, while monitoring IDS logs detected events shown in the figure below.

What does this event log indicate?

ADirectory Traversal Attack

BXSS Attack

CSQL Injection Attack

DParameter Tampering Attack

Answer : D

Question 4

Which of the following is a correct flow of the stages in an incident handling and response (IH&R) process?

AContainment --> Incident Recording --> Incident Triage --> Preparation --> Recovery --> Eradication --> Post-Incident Activities

BPreparation --> Incident Recording --> Incident Triage --> Containment --> Eradication --> Recovery --> Post-Incident Activities

CIncident Triage --> Eradication --> Containment --> Incident Recording --> Preparation --> Recovery --> Post-Incident Activities

DIncident Recording --> Preparation --> Containment --> Incident Triage --> Recovery --> Eradication --> Post-Incident Activities

Answer : B

Question 5

Mike is an incident handler for PNP Infosystems Inc. One day, there was a ticket raised regarding a critical incident and Mike was assigned to handle the incident. During the process of incident handling, at one stage, he has performed incident analysis and validation to check whether the incident is a true incident or a false positive.

Identify the stage in which he is currently in.

APost-Incident Activities

BIncident Recording and Assignment

CIncident Triage

DIncident Disclosure

Answer : C

Question 6

What does the Security Log Event ID 4624 of Windows 10 indicate?

AService added to the endpoint

BA share was assessed

CAn account was successfully logged on

DNew process executed

Answer : C

Question 7

Harley is working as a SOC analyst with Powell Tech. Powell Inc. is using Internet Information Service (IIS) version 7.0 to host their website.

Where will Harley find the web server logs, if he wants to investigate them for any anomalies?

ASystemDrive%\inetpub\logs\LogFiles\W3SVCN

BSystemDrive%\LogFiles\inetpub\logs\W3SVCN

C%SystemDrive%\LogFiles\logs\W3SVCN

DSystemDrive%\ inetpub\LogFiles\logs\W3SVCN

Answer : A

Eccouncil 312-39 Certified SOC Analyst Exam Practice Test