Eccouncil 312-39 Exam Practice Test Instant Access

Question 1

Bonney's system has been compromised by a gruesome malware.

What is the primary step that is advisable to Bonney in order to contain the malware incident from spreading?

AComplaint to police in a formal way regarding the incident

BTurn off the infected machine

CLeave it to the network administrators to handle

DCall the legal department in the organization and inform about the incident

Answer : B

Question 2

According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low and the impact of that attack is major?

AHigh

BExtreme

CLow

DMedium

Answer : D

Question 3

Identify the type of attack, an attacker is attempting on www.example.com website.

ACross-site Scripting Attack

BSession Attack

CDenial-of-Service Attack

DSQL Injection Attack

Answer : A

Question 4

Which of the following command is used to enable logging in iptables?

A$ iptables -B INPUT -j LOG

B$ iptables -A OUTPUT -j LOG

C$ iptables -A INPUT -j LOG

D$ iptables -B OUTPUT -j LOG

Answer : C

Question 5

What does Windows event ID 4740 indicate?

AA user account was locked out.

BA user account was disabled.

CA user account was enabled.

DA user account was created.

Answer : A

Question 6

Which of the following attack can be eradicated by filtering improper XML syntax?

ACAPTCHA Attacks

BSQL Injection Attacks

CInsufficient Logging and Monitoring Attacks

DWeb Services Attacks

Answer : B

Question 7

Which of the following event detection techniques uses User and Entity Behavior Analytics (UEBA)?

ARule-based detection

BHeuristic-based detection

CAnomaly-based detection

DSignature-based detection

Answer : C

Eccouncil 312-39 Certified SOC Analyst Exam Practice Test