
[Jul 31, 2022] Pass ECCouncil 312-85 Exam Info and Free Practice Test
NEW QUESTION 15
Joe works as a threat intelligence analyst with Xsecurity Inc. He is assessing the TI program by comparing the project results with the original objectives by reviewing the project charter. He is also reviewing the list of expected deliverables to ensure that each of those is delivered to an acceptable level of quality.
Identify the activity that Joe is performing to assess a TI program's success or failure.
- A. Determining the costs and benefits associated with the program
- B. Identifying areas of further improvement
- C. Conducting a gap analysis
- D. Determining the fulfillment of stakeholders
Answer: C
NEW QUESTION 16
Kathy wants to ensure that she shares threat intelligence containing sensitive information with the appropriate audience. Hence, she used the traffic light protocol (TLP).
Which TLP color would signify that information should be shared only within a particular community?
- A. Green
- B. White
- C. Red
- D. Amber
Answer: A
NEW QUESTION 17
Karry, a threat analyst at an XYZ organization, is performing threat intelligence analysis. During the data collection phase, he used a data collection method that involves no participants and is purely based on analysis and observation of activities and processes going on within the local boundaries of the organization.
Identify the type of data collection method used by Karry.
- A. Active data collection
- B. Passive data collection
- C. Raw data collection
- D. Exploited data collection
Answer: B
NEW QUESTION 18
Sam works as an analyst in an organization named InfoTech Security. He was asked to collect information from various threat intelligence sources. In meeting the deadline, he forgot to verify the threat intelligence sources and used data from an open-source data provider, who offered it at a very low cost. Though it was beneficial at the initial stage, relying on such data providers can produce unreliable data and noise, putting the organization's network at risk.
What mistake did Sam make that led to this situation?
- A. Sam did not use the proper standardization formats for representing threat data.
- B. Sam used data without context.
- C. Sam did not use the proper technology to use or consume the information.
- D. Sam used unreliable intelligence sources.
Answer: C
NEW QUESTION 19
An analyst wants to disseminate the information effectively so that the consumers can acquire and benefit from the intelligence.
Which of the following criteria must an analyst consider in order to make the intelligence concise, to the point, accurate, and easily understandable, with the right balance between tables, narrative, numbers, graphics, and multimedia?
- A. The right order
- B. The right time
- C. The right content
- D. The right presentation
Answer: D
NEW QUESTION 20
John, a professional hacker, is trying to perform an APT attack on the target organization's network. He gains access to a single system of a target organization and tries to obtain administrative login credentials to gain further access to the systems in the network using various techniques.
What phase of the advanced persistent threat lifecycle is John currently in?
- A. Persistence
- B. Search and exfiltration
- C. Expansion
- D. Initial intrusion
Answer: C
NEW QUESTION 21
Cybersol Technologies initiated a cyber-threat intelligence program with a team of threat intelligence analysts. During the process, the analysts started converting the raw data into useful information by applying various techniques, such as machine-based techniques and statistical methods.
In which of the following phases of the threat intelligence lifecycle is the threat intelligence team currently working?
- A. Dissemination and integration
- B. Planning and direction
- C. Processing and exploitation
- D. Analysis and production
Answer: C
NEW QUESTION 22
H&P, Inc. is a small-scale organization that has decided to outsource the network security monitoring due to a lack of resources in the organization. They are looking for options where they can directly incorporate threat intelligence into their existing network defense solutions.
Which of the following is the most cost-effective method the organization can employ?
- A. Look for an individual within the organization
- B. Recruit data management solution provider
- C. Recruit the right talent
- D. Recruit managed security service providers (MSSP)
Answer: D
NEW QUESTION 23
In which of the following forms of bulk data collection are large amounts of data first collected from multiple sources in multiple formats and then processed to achieve threat intelligence?
- A. Unstructured form
- B. Production form
- C. Hybrid form
- D. Structured form
Answer: A
NEW QUESTION 24
During the process of threat intelligence analysis, John, a threat analyst, successfully extracted indications of the adversary's information, such as modus operandi, tools, communication channels, and forensics evasion strategies used by adversaries.
Identify the type of threat intelligence analysis performed by John.
- A. Technical threat intelligence analysis
- B. Tactical threat intelligence analysis
- C. Strategic threat intelligence analysis
- D. Operational threat intelligence analysis
Answer: B
NEW QUESTION 25
Alison, an analyst in an XYZ organization, wants to retrieve information about a company's website from the time of its inception as well as the removed information from the target website.
What should Alison do to get the information he needs?
- A. Alison should use https://archive.org to extract the required website information.
- B. Alison should recover cached pages of the website from the Google search engine cache to extract the required website information.
- C. Alison should use SmartWhois to extract the required website information.
- D. Alison should run the Web Data Extractor tool to extract the required website information.
Answer: A
NEW QUESTION 26
Kim, an analyst, is looking for an intelligence-sharing platform to gather and share threat information from a variety of sources. He wants to use this information to develop security policies to enhance the overall security posture of his organization.
Which of the following sharing platforms should be used by Kim?
- A. PortDroid network analysis
- B. Blueliv threat exchange network
- C. OmniPeek
- D. Cuckoo sandbox
Answer: B
NEW QUESTION 27
A team of threat intelligence analysts is performing threat analysis on malware, and each of them has come up with their own theory and evidence to support their theory on a given malware.
Now, to identify the most consistent theory out of all the theories, which of the following analytic processes must the threat intelligence manager use?
- A. Analysis of competing hypotheses (ACH)
- B. Automated technical analysis
- C. Application decomposition and analysis (ADA)
- D. Threat modelling
Answer: A
NEW QUESTION 28
Andrews and Sons Corp. has decided to share threat information among sharing partners. Garry, a threat analyst working at Andrews and Sons Corp., has been asked to follow a trust model necessary to establish trust between sharing partners. In the trust model used by him, the first organization makes use of a body of evidence in a second organization, and the level of trust between two organizations depends on the degree and quality of evidence provided by the first organization.
Which of the following types of trust model is used by Garry to establish the trust?
- A. Direct historical trust
- B. Validated trust
- C. Mediated trust
- D. Mandated trust
Answer: B
NEW QUESTION 29
Steve works as an analyst in a UK-based firm. He was asked to perform network monitoring to find any evidence of compromise. During the network monitoring, he came to know that there are multiple logins from different locations in a short time span. Moreover, he also observed certain irregular login patterns from locations where the organization does not have business relations. This suggests that somebody is trying to steal confidential information.
Which of the following key indicators of compromise does this scenario present?
- A. Unexpected patching of systems
- B. Unusual activity through privileged user account
- C. Geographical anomalies
- D. Unusual outbound network traffic
Answer: B

