ECCouncil 312-85 Exam Dumps [2021] Practice Valid Exam Dumps Question [Q29-Q54]

Share

ECCouncil 312-85 Exam Dumps [2021] Practice Valid Exam Dumps Question

312-85 Dumps - Grab Out For [NEW-2021] ECCouncil Exam


ECCouncil 312-85 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Understanding Organization’s Current Threat Landscape
  • Reviewing Threat Intelligence Program
Topic 2
  • Understanding Requirements Analysis
  • Building a Threat Intelligence Team
Topic 3
  • Overview of Threat Intelligence Feeds and Sources
  • Overview of Threat Intelligence Data Collection
Topic 4
  • Overview of Threat Intelligence Integration
  • Overview of Threat Intelligence Reports
Topic 5
  • Understanding Threat Intelligence Data Collection and Acquisition
  • Overview of Threat Intelligence Collection Management
Topic 6
  • Understanding Cyber Threat Intelligence
  • Understanding Intelligence
Topic 7
  • Overview of Fine-Tuning Threat Analysis
  • Understanding Threat Intelligence Evaluation
Topic 8
  • Understanding Indicators of Compromise
  • Understanding Advanced Persistent Threats
Topic 9
  • Cyber Threats and Kill Chain Methodology
  • Understanding Cyber Kill Chain
Topic 10
  • Overview of Threat Intelligence Sharing
  • Requirements, Planning, Direction, and Review
Topic 11
  • Overview of Intelligence Sharing Acts and Regulations
  • Understanding the Threat Analysis Process
Topic 12
  • Understanding Threat Intelligence Sharing Platforms
  • Understanding Data Processing and Exploitation
Topic 13
  • Overview of Threat Intelligence Lifecycle and Frameworks
  • Introduction to Threat Intelligence

NEW QUESTION 29
Alice, an analyst, shared information with security operation managers and network operations center (NOC) staff for protecting the organizational resources against various threats. Information shared by Alice was highly technical and include threat actor TTPs, malware campaigns, tools used by threat actors, and so on.
Which of the following types of threat intelligence was shared by Alice?

  • A. Strategic threat intelligence
  • B. Operational threat intelligence
  • C. Tactical threat intelligence
  • D. Technical threat intelligence

Answer: D

 

NEW QUESTION 30
Miley, an analyst, wants to reduce the amount of collected data and make the storing and sharing process easy. She uses filtering, tagging, and queuing technique to sort out the relevant and structured data from the large amounts of unstructured data.
Which of the following techniques was employed by Miley?

  • A. Data visualization
  • B. Sandboxing
  • C. Convenience sampling
  • D. Normalization

Answer: D

 

NEW QUESTION 31
Michael, a threat analyst, works in an organization named TechTop, was asked to conduct a cyber-threat intelligence analysis. After obtaining information regarding threats, he has started analyzing the information and understanding the nature of the threats.
What stage of the cyber-threat intelligence is Michael currently in?

  • A. Known knowns
  • B. Unknowns unknown
  • C. Unknown unknowns
  • D. Known unknowns

Answer: D

 

NEW QUESTION 32
Tracy works as a CISO in a large multinational company. She consumes threat intelligence to understand the changing trends of cyber security. She requires intelligence to understand the current business trends and make appropriate decisions regarding new technologies, security budget, improvement of processes, and staff. The intelligence helps her in minimizing business risks and protecting the new technology and business initiatives.
Identify the type of threat intelligence consumer is Tracy.

  • A. Strategic users
  • B. Technical users
  • C. Tactical users
  • D. Operational users

Answer: A

 

NEW QUESTION 33
Andrews and Sons Corp. has decided to share threat information among sharing partners. Garry, a threat analyst, working in Andrews and Sons Corp., has asked to follow a trust model necessary to establish trust between sharing partners. In the trust model used by him, the first organization makes use of a body of evidence in a second organization, and the level of trust between two organizations depends on the degree and quality of evidence provided by the first organization.
Which of the following types of trust model is used by Garry to establish the trust?

  • A. Direct historical trust
  • B. Mediated trust
  • C. Validated trust
  • D. Mandated trust

Answer: C

 

NEW QUESTION 34
Jian is a member of the security team at Trinity, Inc. He was conducting a real-time assessment of system activities in order to acquire threat intelligence feeds. He acquired feeds from sources like honeynets, P2P monitoring. infrastructure, and application logs.
Which of the following categories of threat intelligence feed was acquired by Jian?

  • A. External intelligence feeds
  • B. CSV data feeds
  • C. Proactive surveillance feeds
  • D. Internal intelligence feeds

Answer: D

 

NEW QUESTION 35
Alice, a threat intelligence analyst at HiTech Cyber Solutions, wants to gather information for identifying emerging threats to the organization and implement essential techniques to prevent their systems and networks from such attacks. Alice is searching for online sources to obtain information such as the method used to launch an attack, and techniques and tools used to perform an attack and the procedures followed for covering the tracks after an attack.
Which of the following online sources should Alice use to gather such information?

  • A. Job sites
  • B. Financial services
  • C. Social network settings
  • D. Hacking forums

Answer: D

 

NEW QUESTION 36
Lizzy, an analyst, wants to recognize the level of risks to the organization so as to plan countermeasures against cyber attacks. She used a threat modelling methodology where she performed the following stages:
Stage 1: Build asset-based threat profiles
Stage 2: Identify infrastructure vulnerabilities
Stage 3: Develop security strategy and plans
Which of the following threat modelling methodologies was used by Lizzy in the aforementioned scenario?

  • A. TRIKE
  • B. VAST
  • C. OCTAVE
  • D. DREAD

Answer: C

 

NEW QUESTION 37
Which of the following types of threat attribution deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target?

  • A. Intrusion-set attribution
  • B. Campaign attribution
  • C. Nation-state attribution
  • D. True attribution

Answer: D

 

NEW QUESTION 38
Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive dat a. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information and so on.
What should Jim do to detect the data staging before the hackers exfiltrate from the network?

  • A. Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.
  • B. Jim should identify the attack at an initial stage by checking the content of the user agent field.
  • C. Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.
  • D. Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.

Answer: A

 

NEW QUESTION 39
John, a professional hacker, is trying to perform APT attack on the target organization network. He gains access to a single system of a target organization and tries to obtain administrative login credentials to gain further access to the systems in the network using various techniques.
What phase of the advanced persistent threat lifecycle is John currently in?

  • A. Expansion
  • B. Search and exfiltration
  • C. Initial intrusion
  • D. Persistence

Answer: A

 

NEW QUESTION 40
Moses, a threat intelligence analyst at InfoTec Inc., wants to find crucial information about the potential threats the organization is facing by using advanced Google search operators. He wants to identify whether any fake websites are hosted at the similar to the organization's URL.
Which of the following Google search queries should Moses use?

  • A. link: www.infothech.org
  • B. related: www.infothech.org
  • C. cache: www.infothech.org
  • D. info: www.infothech.org

Answer: B

 

NEW QUESTION 41
Sarah is a security operations center (SOC) analyst working at JW Williams and Sons organization based in Chicago. As a part of security operations, she contacts information providers (sharing partners) for gathering information such as collections of validated and prioritized threat indicators along with a detailed technical analysis of malware samples, botnets, DDoS attack methods, and various other malicious tools. She further used the collected information at the tactical and operational levels.
Sarah obtained the required information from which of the following types of sharing partner?

  • A. Providers of threat indicators
  • B. Providers of comprehensive cyber-threat intelligence
  • C. Providers of threat actors
  • D. Providers of threat data feeds

Answer: B

 

NEW QUESTION 42
An analyst wants to disseminate the information effectively so that the consumers can acquire and benefit out of the intelligence.
Which of the following criteria must an analyst consider in order to make the intelligence concise, to the point, accurate, and easily understandable and must consist of a right balance between tables, narrative, numbers, graphics, and multimedia?

  • A. The right content
  • B. The right presentation
  • C. The right order
  • D. The right time

Answer: B

 

NEW QUESTION 43
During the process of threat intelligence analysis, John, a threat analyst, successfully extracted an indication of adversary's information, such as Modus operandi, tools, communication channels, and forensics evasion strategies used by adversaries.
Identify the type of threat intelligence analysis is performed by John.

  • A. Technical threat intelligence analysis
  • B. Operational threat intelligence analysis
  • C. Tactical threat intelligence analysis
  • D. Strategic threat intelligence analysis

Answer: C

 

NEW QUESTION 44
Joe works as a threat intelligence analyst with Xsecurity Inc. He is assessing the TI program by comparing the project results with the original objectives by reviewing project charter. He is also reviewing the list of expected deliverables to ensure that each of those is delivered to an acceptable level of quality.
Identify the activity that Joe is performing to assess a TI program's success or failure.

  • A. Conducting a gap analysis
  • B. Identifying areas of further improvement
  • C. Determining the fulfillment of stakeholders
  • D. Determining the costs and benefits associated with the program

Answer: A

 

NEW QUESTION 45
In which of the following storage architecture is the data stored in a localized system, server, or storage hardware and capable of storing a limited amount of data in its database and locally available for data usage?

  • A. Distributed storage
  • B. Centralized storage
  • C. Object-based storage
  • D. Cloud storage

Answer: C

 

NEW QUESTION 46
H&P, Inc. is a small-scale organization that has decided to outsource the network security monitoring due to lack of resources in the organization. They are looking for the options where they can directly incorporate threat intelligence into their existing network defense solutions.
Which of the following is the most cost-effective methods the organization can employ?

  • A. Recruit the right talent
  • B. Look for an individual within the organization
  • C. Recruit data management solution provider
  • D. Recruit managed security service providers (MSSP)

Answer: D

 

NEW QUESTION 47
In which of the following attacks does the attacker exploit vulnerabilities in a computer application before the software developer can release a patch for them?

  • A. Zero-day attack
  • B. Advanced persistent attack
  • C. Active online attack
  • D. Distributed network attack

Answer: A

 

NEW QUESTION 48
An organization suffered many major attacks and lost critical information, such as employee records, and financial information. Therefore, the management decides to hire a threat analyst to extract the strategic threat intelligence that provides high-level information regarding current cyber-security posture, threats, details on the financial impact of various cyber-activities, and so on.
Which of the following sources will help the analyst to collect the required intelligence?

  • A. Human, social media, chat rooms
  • B. OSINT, CTI vendors, ISAO/ISACs
  • C. Active campaigns, attacks on other organizations, data feeds from external third parties
  • D. Campaign reports, malware, incident reports, attack group reports, human intelligence

Answer: B

 

NEW QUESTION 49
......

312-85 Exam Dumps PDF Guaranteed Success  with Accurate & Updated Questions: https://www.vceprep.com/312-85-latest-vce-prep.html

Pass 312-85 Exam - Real Test Engine PDF with 50 Questions: https://drive.google.com/open?id=1NM5DNDAMtYRkpVppnSJR20Nfsg_D8575