Eccouncil 312-39 Exam Practice Test Instant Access

Question 1

Which of the following factors determine the choice of SIEM architecture?

ASMTP Configuration

BDHCP Configuration

CDNS Configuration

DNetwork Topology

Answer : D

Question 2

Which of the following service provides phishing protection and content filtering to manage the Internet experience on and off your network with the acceptable use or compliance policies?

AApility.io

BMalstrom

COpenDNS

DI-Blocklist

Answer : C

Question 3

Peter, a SOC analyst with Spade Systems, is monitoring and analyzing the router logs of the company and wanted to check the logs that are generated by access control list numbered 210.

What filter should Peter add to the 'show logging' command to get the required output?

Ashow logging | access 210

Bshow logging | forward 210

Cshow logging | include 210

Dshow logging | route 210

Answer : C

Question 4

Identify the event severity level in Windows logs for the events that are not necessarily significant, but may indicate a possible future problem.

AFailure Audit

BWarning

CError

DInformation

Answer : B

Question 5

Which of the following command is used to view iptables logs on Ubuntu and Debian distributions?

A$ tailf /var/log/sys/kern.log

B$ tailf /var/log/kern.log

C# tailf /var/log/messages

D# tailf /var/log/sys/messages

Answer : B

Question 6

Which of the following technique involves scanning the headers of IP packets leaving a network to make sure

that the unauthorized or malicious traffic never leaves the internal network?

AEgress Filtering

BThrottling

CRate Limiting

DIngress Filtering

Answer : A

Question 7

Chloe, a SOC analyst with Jake Tech, is checking Linux systems logs. She is investigating files at /var/log/ wtmp.

What Chloe is looking at?

AError log

BSystem boot log

CGeneral message and system-related stuff

DLogin records

Answer : D

Eccouncil Certified SOC Analyst 312-39 Exam Practice Test