Eccouncil 312-39 Exam Practice Test Instant Access

Question 1

Wesley is an incident handler in a company named Maddison Tech. One day, he was learning techniques for eradicating the insecure deserialization attacks.

What among the following should Wesley avoid from considering?

ADeserialization of trusted data must cross a trust boundary

BUnderstand the security permissions given to serialization and deserialization

CAllow serialization for security-sensitive classes

DValidate untrusted input, which is to be serialized to ensure that serialized data contain only trusted classes

Answer : C

Question 2

In which of the following incident handling and response stages, the root cause of the incident must be found from the forensic results?

AEvidence Gathering

BEvidence Handling

CEradication

DSystems Recovery

Answer : A

Question 3

Charline is working as an L2 SOC Analyst. One day, an L1 SOC Analyst escalated an incident to her for further investigation and confirmation. Charline, after a thorough investigation, confirmed the incident and assigned it with an initial priority.

What would be her next action according to the SOC workflow?

AShe should immediately escalate this issue to the management

BShe should immediately contact the network administrator to solve the problem

CShe should communicate this incident to the media immediately

DShe should formally raise a ticket and forward it to the IRT

Answer : D

Question 4

An attacker, in an attempt to exploit the vulnerability in the dynamically generated welcome page, inserted code at the end of the company's URL as follows:

http://technosoft.com.com/. Identify the attack demonstrated in the above scenario.

ACross-site Scripting Attack

BSQL Injection Attack

CDenial-of-Service Attack

DSession Attack

Answer : A

Question 5

Which one of the following is the correct flow for Setting Up a Computer Forensics Lab?

APlanning and budgeting --> Physical location and structural design considerations --> Work area considerations --> Human resource considerations --> Physical security recommendations --> Forensics lab licensing

BPlanning and budgeting --> Physical location and structural design considerations--> Forensics lab licensing --> Human resource considerations --> Work area considerations --> Physical security recommendations

CPlanning and budgeting --> Forensics lab licensing --> Physical location and structural design considerations --> Work area considerations --> Physical security recommendations --> Human resource considerations

DPlanning and budgeting --> Physical location and structural design considerations --> Forensics lab licensing -->Work area considerations --> Human resource considerations --> Physical security recommendations

Answer : A

Question 6

Which of the following can help you eliminate the burden of investigating false positives?

AKeeping default rules

BNot trusting the security devices

CTreating every alert as high level

DIngesting the context data

Answer : D

Question 7

Identify the password cracking attempt involving a precomputed dictionary of plaintext passwords and their corresponding hash values to crack the password.

ADictionary Attack

BRainbow Table Attack

CBruteforce Attack

DSyllable Attack

Answer : A

Eccouncil Certified SOC Analyst 312-39 Exam Practice Test