[Feb 20, 2022] Download Free ECCouncil 312-85 Real Exam Questions [Q25-Q46]

ECCouncil 312-85 Exam Syllabus Topics:

Topic: Details
Topic 1
  • Overview of Threat Intelligence Integration
  • Overview of Threat Intelligence Reports
Topic 2
  • Overview of Threat Intelligence Sharing
  • Requirements, Planning, Direction, and Review
Topic 3
  • Overview of Threat Intelligence Lifecycle and Frameworks
  • Introduction to Threat Intelligence
Topic 4
  • Understanding Indicators of Compromise
  • Understanding Advanced Persistent Threats
Topic 5
  • Understanding Requirements Analysis
  • Building a Threat Intelligence Team
Topic 6
  • Overview of Threat Intelligence Feeds and Sources
  • Overview of Threat Intelligence Data Collection
Topic 7
  • Understanding Threat Intelligence Sharing Platforms
  • Understanding Data Processing and Exploitation
Topic 8
  • Overview of Fine-Tuning Threat Analysis
  • Understanding Threat Intelligence Evaluation
Topic 9
  • Cyber Threats and Kill Chain Methodology
  • Understanding Cyber Kill Chain
Topic 10
  • Understanding Cyber Threat Intelligence
  • Understanding Intelligence
Topic 11
  • Understanding Threat Intelligence Data Collection and Acquisition
  • Overview of Threat Intelligence Collection Management
Topic 12
  • Overview of Intelligence Sharing Acts and Regulations
  • Understanding the Threat Analysis Process

 

NEW QUESTION 25
A team of threat intelligence analysts is performing threat analysis on malware, and each of them has come up with their own theory and evidence to support their theory on a given malware.
Now, to identify the most consistent theory out of all the theories, which of the following analytic processes must the threat intelligence manager use?

  • A. Threat modelling
  • B. Application decomposition and analysis (ADA)
  • C. Automated technical analysis
  • D. Analysis of competing hypotheses (ACH)

Answer: D

 

NEW QUESTION 26
Enrage Tech Company hired Enrique, a security analyst, to perform threat intelligence analysis. While performing the data collection process, he used a counterintelligence mechanism in which a recursive DNS server is employed to perform inter-server DNS communication; when a request is generated from any name server to the recursive DNS server, the recursive DNS server logs the responses that are received. It then replicates the logged data and stores it in a central database. Using these logs, he analyzed the malicious attempts that took place over the DNS infrastructure.
Which of the following cyber counterintelligence (CCI) gathering techniques has Enrique used for data collection?

  • A. Data collection through passive DNS monitoring
  • B. Data collection through DNS interrogation
  • C. Data collection through dynamic DNS (DDNS)
  • D. Data collection through DNS zone transfer

Answer: B

 

NEW QUESTION 27
Bob, a threat analyst, works in an organization named TechTop. He was asked to collect intelligence to fulfil the needs and requirements of the Red Team present within the organization.
Which of the following are the needs of a Red Team?

  • A. Intelligence that reveals risks related to various strategic business decisions
  • B. Intelligence related to increased attacks targeting a particular software or operating system vulnerability
  • C. Intelligence extracted from analysis of the latest attacks on similar organizations, including details about the latest threats and TTPs
  • D. Intelligence on latest vulnerabilities, threat actors, and their tactics, techniques, and procedures (TTPs)

Answer: D

 

NEW QUESTION 28
What is the correct sequence of steps involved in scheduling a threat intelligence program?
1. Review the project charter
2. Identify all deliverables
3. Identify the sequence of activities
4. Identify task dependencies
5. Develop the final schedule
6. Estimate duration of each activity
7. Identify and estimate resources for all activities
8. Define all activities
9. Build a work breakdown structure (WBS)

  • A. 1-->2-->3-->4-->5-->6-->9-->8-->7
  • B. 1-->9-->2-->8-->3-->7-->4-->6-->5
  • C. 3-->4-->5-->2-->1-->9-->8-->7-->6
  • D. 1-->2-->3-->4-->5-->6-->7-->8-->9

Answer: B

 

NEW QUESTION 29
Joe works as a threat intelligence analyst with Xsecurity Inc. He is assessing the TI program by comparing the project results with the original objectives by reviewing the project charter. He is also reviewing the list of expected deliverables to ensure that each of them is delivered to an acceptable level of quality.
Identify the activity that Joe is performing to assess a TI program's success or failure.

  • A. Identifying areas of further improvement
  • B. Determining the costs and benefits associated with the program
  • C. Determining the fulfillment of stakeholders
  • D. Conducting a gap analysis

Answer: D

 

NEW QUESTION 30
Alice, a threat intelligence analyst at HiTech Cyber Solutions, wants to gather information for identifying emerging threats to the organization and implement essential techniques to protect its systems and networks from such attacks. Alice is searching for online sources to obtain information such as the method used to launch an attack, the techniques and tools used to perform an attack, and the procedures followed for covering tracks after an attack.
Which of the following online sources should Alice use to gather such information?

  • A. Hacking forums
  • B. Financial services
  • C. Social network settings
  • D. Job sites

Answer: A

 

NEW QUESTION 31
Jame, a professional hacker, is trying to hack the confidential information of a target organization. He identified the vulnerabilities in the target system and created a tailored deliverable malicious payload using an exploit and a backdoor to send it to the victim.
Which of the following phases of cyber kill chain methodology is Jame executing?

  • A. Weaponization
  • B. Installation
  • C. Reconnaissance
  • D. Exploitation

Answer: A

 

NEW QUESTION 32
John, a professional hacker, is trying to perform an APT attack on the target organization's network. He gains access to a single system of the target organization and tries to obtain administrative login credentials to gain further access to the systems in the network using various techniques.
What phase of the advanced persistent threat lifecycle is John currently in?

  • A. Persistence
  • B. Initial intrusion
  • C. Search and exfiltration
  • D. Expansion

Answer: D

 

NEW QUESTION 33
Daniel is a professional hacker whose aim is to attack a system to steal data and money for profit. He performs hacking to obtain confidential data such as social security numbers, personally identifiable information (PII) of an employee, and credit card information. After obtaining confidential data, he further sells the information on the black market to make money.
Daniel comes under which of the following types of threat actor?

  • A. State-sponsored hackers
  • B. Organized hackers
  • C. Industrial spies
  • D. Insider threat

Answer: B

 

NEW QUESTION 34
Kim, an analyst, is looking for an intelligence-sharing platform to gather and share threat information from a variety of sources. He wants to use this information to develop security policies to enhance the overall security posture of his organization.
Which of the following sharing platforms should be used by Kim?

  • A. PortDroid network analysis
  • B. OmniPeek
  • C. Cuckoo sandbox
  • D. Blueliv threat exchange network

Answer: D

 

NEW QUESTION 35
Which of the following types of threat attribution deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target?

  • A. Intrusion-set attribution
  • B. Campaign attribution
  • C. Nation-state attribution
  • D. True attribution

Answer: D

 

NEW QUESTION 36
A network administrator working in an ABC organization collected log files generated by a traffic monitoring system. The logs may not seem to contain useful information, but after he performs proper analysis, the same information can be used to detect an attack on the network.
Which of the following categories of threat information has he collected?

  • A. Advisories
  • B. Detection indicators
  • C. Low-level data
  • D. Strategic reports

Answer: B

 

NEW QUESTION 37
Lizzy, an analyst, wants to recognize the level of risks to the organization so as to plan countermeasures against cyber attacks. She used a threat modelling methodology where she performed the following stages:
Stage 1: Build asset-based threat profiles
Stage 2: Identify infrastructure vulnerabilities
Stage 3: Develop security strategy and plans
Which of the following threat modelling methodologies was used by Lizzy in the aforementioned scenario?

  • A. OCTAVE
  • B. DREAD
  • C. TRIKE
  • D. VAST

Answer: A

 

NEW QUESTION 38
Miley, an analyst, wants to reduce the amount of collected data and make the storing and sharing process easy. She uses filtering, tagging, and queuing techniques to sort out the relevant and structured data from the large amounts of unstructured data.
Which of the following techniques was employed by Miley?

  • A. Normalization
  • B. Data visualization
  • C. Sandboxing
  • D. Convenience sampling

Answer: A

 

NEW QUESTION 39
Tracy works as a CISO in a large multinational company. She consumes threat intelligence to understand the changing trends of cyber security. She requires intelligence to understand the current business trends and make appropriate decisions regarding new technologies, security budget, improvement of processes, and staff. The intelligence helps her in minimizing business risks and protecting the new technology and business initiatives.
Identify the type of threat intelligence consumer that Tracy is.

  • A. Tactical users
  • B. Technical users
  • C. Strategic users
  • D. Operational users

Answer: C

 

NEW QUESTION 40
Kathy wants to ensure that she shares threat intelligence containing sensitive information with the appropriate audience. Hence, she used traffic light protocol (TLP).
Which TLP color signifies that information should be shared only within a particular community?

  • A. White
  • B. Amber
  • C. Red
  • D. Green

Answer: B

 

NEW QUESTION 41
In a team of threat analysts, two individuals were competing over projecting their own hypotheses on a given malware. To find logical proofs to confirm their hypotheses, the threat intelligence manager used a de-biasing strategy that involves studying strategic decision making in circumstances comprising multistep interactions among numerous participants, with or without perfect relevant information.
Which of the following de-biasing strategies did the threat intelligence manager use to confirm their hypotheses?

  • A. Machine learning
  • B. Cognitive psychology
  • C. Decision theory
  • D. Game theory

Answer: C

 

NEW QUESTION 42
Alice, an analyst, shared information with security operations managers and network operations center (NOC) staff for protecting the organizational resources against various threats. The information shared by Alice was highly technical and included threat actor TTPs, malware campaigns, tools used by threat actors, and so on.
Which of the following types of threat intelligence was shared by Alice?

  • A. Operational threat intelligence
  • B. Technical threat intelligence
  • C. Tactical threat intelligence
  • D. Strategic threat intelligence

Answer: B

 

NEW QUESTION 43
In which of the following forms of bulk data collection are large amounts of data first collected from multiple sources in multiple formats and then processed to achieve threat intelligence?

  • A. Unstructured form
  • B. Production form
  • C. Structured form
  • D. Hybrid form

Answer: A

 

NEW QUESTION 44
Jian is a member of the security team at Trinity, Inc. He was conducting a real-time assessment of system activities in order to acquire threat intelligence feeds. He acquired feeds from sources like honeynets, P2P monitoring, infrastructure, and application logs.
Which of the following categories of threat intelligence feed was acquired by Jian?

  • A. Internal intelligence feeds
  • B. External intelligence feeds
  • C. CSV data feeds
  • D. Proactive surveillance feeds

Answer: A

 

NEW QUESTION 45
......