312-39 exam

Harley is working as a SOC analyst with Powell Tech. Powell Inc. is using Internet Information Service (IIS) version 7.0 to host their website. Where will Harley find the web server logs, if he wants to investigate them for any anomalies?A . SystemDrive%inetpublogsLogFilesW3SVCNB . SystemDrive%LogFilesinetpublogsW3SVCNC . %SystemDrive%LogFileslogsW3SVCND . SystemDrive% inetpubLogFileslogsW3SVCNView...

What does the HTTP status codes 1XX represents?A . Informational messageB . Client errorC . SuccessD . RedirectionView AnswerAnswer: A Explanation: Reference: https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#:~:text=1xx%20informational%20response%20C%20the%20request,syntax%20or%20cannot%20be%20fulfilled

In which phase of Lockheed Martin's C Cyber Kill Chain Methodology, adversary creates a deliverable malicious payload using an exploit and a backdoor?A . ReconnaissanceB . DeliveryC . WeaponizationD . ExploitationView AnswerAnswer: B Explanation: Reference: https://securityboulevard.com/2018/08/the-cyber-kill-chain-what-you-need-to-know/

In which of the following incident handling and response stages, the root cause of the incident must be found from the forensic results?A . Evidence GatheringB . Evidence HandlingC . EradicationD . Systems RecoveryView AnswerAnswer: A Explanation: Reference: https://www.eccouncil.org/wp-content/uploads/2019/02/ECIH-V2-Brochure.pdf

According to the Risk Matrix table, what will be the risk level when the probability of an attack is very high, and the impact of that attack is major? NOTE: It is mandatory to answer the question before proceeding to the next one.A . HighB . ExtremeC . LowD ....

Jane, a security analyst, while analyzing IDS logs, detected an event matching Regex /((%3C)|<)((%69)|i|(% 49))((%6D)|m|(%4D))((%67)|g|(%47))[^n]+((%3E)|>)/|. What does this event log indicate?A . Directory Traversal AttackB . Parameter Tampering AttackC . XSS AttackD . SQL Injection AttackView AnswerAnswer: C Explanation: Reference: https://books.google.com.pk/books?id=PDR4nOAP8qUC&pg=PA87&lpg=PA87&dq=regex+/((%5C%253C)%7C<)((%5C%2569)%7Ci%7C(%5C%2549))((%5C%256D)%7Cm%7C(%5C%25 4D))((%5C% 2567)%7Cg%7C(%5C%2547))%5B%5E%5Cn%5D%2B((%5C%253E)%7C>)/% 7C&source=bl&ots=kOBHNfJmtq&sig=ACfU3U2CG_hELc1HMb1chdc9OS4ooXPlMg&hl=e n&sa=X&ved=2ahUKEwjYwJmlt_buAhUFShUIHTBNAs8Q6AEwBXoECAUQAw#v=onepage&q&f=false

Banter is a threat analyst in Christine Group of Industries. As a part of the job, he is currently formatting and structuring the raw data. He is at which stage of the threat intelligence life cycle?A . Dissemination and IntegrationB . Processing and ExploitationC . CollectionD . Analysis and ProductionView...

John, a SOC analyst, while monitoring and analyzing Apache web server logs, identified an event log matching Regex /(.|(%|%25)2E)(.|(%|%25)2E)(/|(%|%25)2F|\|(%|%25)5C)/i. What does this event log indicate?A . XSS AttackB . SQL injection AttackC . Directory Traversal AttackD . Parameter Tampering AttackView AnswerAnswer: A

Which of the following threat intelligence helps cyber security professionals such as security operations managers, network operations center and incident responders to understand how the adversaries are expected to perform the attack on the organization, and the technical capabilities and goals of the attackers along with the attack vectors?A ....

Chloe, a SOC analyst with Jake Tech, is checking Linux systems logs. She is investigating files at /var/log/wtmp. What Chloe is looking at?A . Error logB . System boot logC . General message and system-related stuffD . Login recordsView AnswerAnswer: D Explanation: Reference: https://stackify.com/linux-logs/