
Free 2021 312-85 Dumps 100 Pass Guarantee With Latest Demo
Prepare 312-85 Question Answers Free Update With 100% Exam Passing Guarantee [2021]
ECCouncil 312-85 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
| Topic 10 |
|
| Topic 11 |
|
| Topic 12 |
|
| Topic 13 |
|
NEW QUESTION 12
In a team of threat analysts, two individuals were competing over projecting their own hypotheses on a given malware. However, to find logical proofs to confirm their hypotheses, the threat intelligence manager used a de-biasing strategy that involves learning strategic decision making in the circumstances comprising multistep interactions with numerous representatives, either having or without any perfect relevant information.
Which of the following de-biasing strategies the threat intelligence manager used to confirm their hypotheses?
- A. Decision theory
- B. Cognitive psychology
- C. Machine learning
- D. Game theory
Answer: A
NEW QUESTION 13
Enrage Tech Company hired Enrique, a security analyst, for performing threat intelligence analysis. While performing data collection process, he used a counterintelligence mechanism where a recursive DNS server is employed to perform interserver DNS communication and when a request is generated from any name server to the recursive DNS server, the recursive DNS servers log the responses that are received. Then it replicates the logged data and stores the data in the central database. Using these logs, he analyzed the malicious attempts that took place over DNS infrastructure.
Which of the following cyber counterintelligence (CCI) gathering technique has Enrique used for data collection?
- A. Data collection through DNS zone transfer
- B. Data collection through passive DNS monitoring
- C. Data collection through DNS interrogation
- D. Data collection through dynamic DNS (DDNS)
Answer: C
NEW QUESTION 14
SecurityTech Inc. is developing a TI plan where it can drive more advantages in less funds. In the process of selecting a TI platform, it wants to incorporate a feature that ranks elements such as intelligence sources, threat actors, attacks, and digital assets of the organization, so that it can put in more funds toward the resources which are critical for the organization's security.
Which of the following key features should SecurityTech Inc. consider in their TI plan for selecting the TI platform?
- A. Workflow
- B. Scoring
- C. Search
- D. Open
Answer: B
NEW QUESTION 15
An analyst is conducting threat intelligence analysis in a client organization, and during the information gathering process, he gathered information from the publicly available sources and analyzed to obtain a rich useful form of intelligence. The information source that he used is primarily used for national security, law enforcement, and for collecting intelligence required for business or strategic decision making.
Which of the following sources of intelligence did the analyst use to collect information?
- A. SIGINT
- B. OSINT
- C. OPSEC
- D. ISAC
Answer: B
NEW QUESTION 16
ABC is a well-established cyber-security company in the United States. The organization implemented the automation of tasks such as data enrichment and indicator aggregation. They also joined various communities to increase their knowledge about the emerging threats. However, the security teams can only detect and prevent identified threats in a reactive approach.
Based on threat intelligence maturity model, identify the level of ABC to know the stage at which the organization stands with its security and vulnerabilities.
- A. Level 0: vague where to start
- B. Level 1: preparing for CTI
- C. Level 3: CTI program in place
- D. Level 2: increasing CTI capabilities
Answer: D
NEW QUESTION 17
Alison, an analyst in an XYZ organization, wants to retrieve information about a company's website from the time of its inception as well as the removed information from the target website.
What should Alison do to get the information he needs.
- A. Alison should recover cached pages of the website from the Google search engine cache to extract the required website information.
- B. Alison should run the Web Data Extractor tool to extract the required website information.
- C. Alison should use https://archive.org to extract the required website information.
- D. Alison should use SmartWhois to extract the required website information.
Answer: B
NEW QUESTION 18
Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive dat a. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information and so on.
What should Jim do to detect the data staging before the hackers exfiltrate from the network?
- A. Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.
- B. Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.
- C. Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.
- D. Jim should identify the attack at an initial stage by checking the content of the user agent field.
Answer: C
NEW QUESTION 19
John, a professional hacker, is trying to perform APT attack on the target organization network. He gains access to a single system of a target organization and tries to obtain administrative login credentials to gain further access to the systems in the network using various techniques.
What phase of the advanced persistent threat lifecycle is John currently in?
- A. Search and exfiltration
- B. Expansion
- C. Persistence
- D. Initial intrusion
Answer: B
NEW QUESTION 20
Bob, a threat analyst, works in an organization named TechTop. He was asked to collect intelligence to fulfil the needs and requirements of the Red Tam present within the organization.
Which of the following are the needs of a RedTeam?
- A. Intelligence extracted latest attacks analysis on similar organizations, which includes details about latest threats and TTPs
- B. Intelligence on latest vulnerabilities, threat actors, and their tactics, techniques, and procedures (TTPs)
- C. Intelligence related to increased attacks targeting a particular software or operating system vulnerability
- D. Intelligence that reveals risks related to various strategic business decisions
Answer: B
NEW QUESTION 21
Alice, an analyst, shared information with security operation managers and network operations center (NOC) staff for protecting the organizational resources against various threats. Information shared by Alice was highly technical and include threat actor TTPs, malware campaigns, tools used by threat actors, and so on.
Which of the following types of threat intelligence was shared by Alice?
- A. Operational threat intelligence
- B. Technical threat intelligence
- C. Strategic threat intelligence
- D. Tactical threat intelligence
Answer: B
NEW QUESTION 22
Walter and Sons Company has faced major cyber attacks and lost confidential dat a. The company has decided to concentrate more on the security rather than other resources. Therefore, they hired Alice, a threat analyst, to perform data analysis. Alice was asked to perform qualitative data analysis to extract useful information from collected bulk data.
Which of the following techniques will help Alice to perform qualitative data analysis?
- A. Numerical calculations, statistical modeling, measurement, research, and so on.
- B. Finding links between data and discover threat-related information
- C. Regression analysis, variance analysis, and so on
- D. Brainstorming, interviewing, SWOT analysis, Delphi technique, and so on
Answer: D
NEW QUESTION 23
In which of the following storage architecture is the data stored in a localized system, server, or storage hardware and capable of storing a limited amount of data in its database and locally available for data usage?
- A. Object-based storage
- B. Cloud storage
- C. Distributed storage
- D. Centralized storage
Answer: A
NEW QUESTION 24
Tracy works as a CISO in a large multinational company. She consumes threat intelligence to understand the changing trends of cyber security. She requires intelligence to understand the current business trends and make appropriate decisions regarding new technologies, security budget, improvement of processes, and staff. The intelligence helps her in minimizing business risks and protecting the new technology and business initiatives.
Identify the type of threat intelligence consumer is Tracy.
- A. Tactical users
- B. Strategic users
- C. Technical users
- D. Operational users
Answer: B
NEW QUESTION 25
Cybersol Technologies initiated a cyber-threat intelligence program with a team of threat intelligence analysts. During the process, the analysts started converting the raw data into useful information by applying various techniques, such as machine-based techniques, and statistical methods.
In which of the following phases of the threat intelligence lifecycle is the threat intelligence team currently working?
- A. Processing and exploitation
- B. Dissemination and integration
- C. Planning and direction
- D. Analysis and production
Answer: B
NEW QUESTION 26
Michael, a threat analyst, works in an organization named TechTop, was asked to conduct a cyber-threat intelligence analysis. After obtaining information regarding threats, he has started analyzing the information and understanding the nature of the threats.
What stage of the cyber-threat intelligence is Michael currently in?
- A. Known knowns
- B. Unknown unknowns
- C. Unknowns unknown
- D. Known unknowns
Answer: D
NEW QUESTION 27
Sam works as an analyst in an organization named InfoTech Security. He was asked to collect information from various threat intelligence sources. In meeting the deadline, he forgot to verify the threat intelligence sources and used data from an open-source data provider, who offered it at a very low cost. Through it was beneficial at the initial stage but relying on such data providers can produce unreliable data and noise putting the organization network into risk.
What mistake Sam did that led to this situation?
- A. Sam used data without context.
- B. Sam used unreliable intelligence sources.
- C. Sam did not use the proper technology to use or consume the information.
- D. Sam did not use the proper standardization formats for representing threat data.
Answer: C
NEW QUESTION 28
......
Dumps Real ECCouncil 312-85 Exam Questions [Updated 2021]: https://www.real4prep.com/312-85-exam.html
Free 312-85 Exam Dumps to Pass Exam Easily: https://drive.google.com/open?id=1cgWb9UxvpzQplRI9jdR0327YbKtnf5G_