[UPDATED 2024] EC-COUNCIL 312-39 Questions Prepare with Free Demo of PDF [Q23-Q47]


NEW 2024 Certification Sample Questions 312-39 Dumps & Practice Exam

NEW QUESTION # 23
Which one of the following is the correct flow for Setting Up a Computer Forensics Lab?

  • A. Planning and budgeting -> Physical location and structural design considerations -> Work area considerations -> Human resource considerations -> Physical security recommendations -> Forensics lab licensing
  • B. Planning and budgeting -> Physical location and structural design considerations -> Forensics lab licensing -> Work area considerations -> Human resource considerations -> Physical security recommendations
  • C. Planning and budgeting -> Physical location and structural design considerations -> Forensics lab licensing -> Human resource considerations -> Work area considerations -> Physical security recommendations
  • D. Planning and budgeting -> Forensics lab licensing -> Physical location and structural design considerations -> Work area considerations -> Physical security recommendations -> Human resource considerations

Answer: A


NEW QUESTION # 24
Which of the following techniques involves scanning the headers of IP packets leaving a network to make sure that unauthorized or malicious traffic never leaves the internal network?

  • A. Egress Filtering
  • B. Rate Limiting
  • C. Throttling
  • D. Ingress Filtering

Answer: A


NEW QUESTION # 25
Jason, a SOC Analyst with Maximus Tech, was investigating Cisco ASA Firewall logs and came across the following log entry:
May 06 2018 21:27:27 asa 1: %ASA -5 - 11008: User 'enable_15' executed the 'configure term' command
What does the security level in the above log indicate?

  • A. Warning condition message
  • B. Normal but significant message
  • C. Critical condition message
  • D. Informational message

Answer: B


NEW QUESTION # 26
Which of the following frameworks describes the essential characteristics of an organization's security engineering process that must exist to ensure good security engineering?

  • A. COBIT
  • B. SSE-CMM
  • C. SOC-CMM
  • D. ITIL

Answer: B


NEW QUESTION # 27
Wesley is an incident handler in a company named Maddison Tech. One day, he was learning techniques for eradicating insecure deserialization attacks.
Which of the following should Wesley avoid?

  • A. Validate untrusted input, which is to be serialized to ensure that serialized data contain only trusted classes
  • B. Understand the security permissions given to serialization and deserialization
  • C. Allow serialization for security-sensitive classes
  • D. Deserialization of trusted data must cross a trust boundary

Answer: C


NEW QUESTION # 28
Which of the following commands is used to enable logging in iptables?

  • A. $ iptables -B INPUT -j LOG
  • B. $ iptables -A INPUT -j LOG
  • C. $ iptables -A OUTPUT -j LOG
  • D. $ iptables -B OUTPUT -j LOG

Answer: B


NEW QUESTION # 29
Which of the following are the responsibilities of SIEM Agents?
1. Collecting data received from various devices sending data to the SIEM before forwarding it to the central engine.
2. Normalizing data received from various devices sending data to the SIEM before forwarding it to the central engine.
3. Correlating data received from various devices sending data to the SIEM before forwarding it to the central engine.
4. Visualizing data received from various devices sending data to the SIEM before forwarding it to the central engine.

  • A. 2 and 3
  • B. 1 and 4
  • C. 3 and 1
  • D. 1 and 2

Answer: B


NEW QUESTION # 30
Which of the following is a default directory in a Mac OS X that stores security-related logs?

  • A. /private/var/log
  • B. /Library/Logs/Sync
  • C. /var/log/cups/access_log
  • D. ~/Library/Logs

Answer: D


NEW QUESTION # 31
Which of the following formulas represents the risk level?

  • A. Level of risk = Consequence * Impact
  • B. Level of risk = Consequence * Severity
  • C. Level of risk = Consequence * Asset Value
  • D. Level of risk = Consequence * Likelihood

Answer: A


NEW QUESTION # 32
Which of the following fields in Windows logs defines the type of event that occurred, such as Correlation Hint, Response Time, SQM, WDI Context, and so on?

  • A. Keywords
  • B. Task Category
  • C. Source
  • D. Level

Answer: A


NEW QUESTION # 33
John, a SOC analyst, is worried about the amount of Tor traffic hitting the network. He wants to prepare a dashboard in the SIEM with a graph that identifies the locations the Tor traffic is coming from.
Which of the following data sources will he use to prepare the dashboard?

  • A. Apache/ Web Server logs with IP addresses and Host Name.
  • B. DHCP/Logs capable of maintaining IP addresses or hostnames with IPtoName resolution.
  • C. DNS/ Web Server logs with IP addresses.
  • D. IIS/Web Server logs with IP addresses and user agent IPtouseragent resolution.

Answer: B


NEW QUESTION # 34
Which of the following are the responsibilities of SIEM Agents?
1. Collecting data received from various devices sending data to the SIEM before forwarding it to the central engine.
2. Normalizing data received from various devices sending data to the SIEM before forwarding it to the central engine.
3. Correlating data received from various devices sending data to the SIEM before forwarding it to the central engine.
4. Visualizing data received from various devices sending data to the SIEM before forwarding it to the central engine.

  • A. 1 and 4
  • B. 2 and 3
  • C. 3 and 1
  • D. 1 and 2

Answer: D


NEW QUESTION # 35
Which of the following is a report writing tool that helps incident handlers generate efficient reports on detected incidents during the incident response process?

  • A. threat_note
  • B. Malstrom
  • C. IntelMQ
  • D. MagicTree

Answer: C


NEW QUESTION # 36
Jane, a security analyst, while analyzing IDS logs, detected an event matching the regex
/((\%3C)|<)((\%69)|i|(\%49))((\%6D)|m|(\%4D))((\%67)|g|(\%47))[^\n]+((\%3E)|>)/I.
What does this event log indicate?

  • A. SQL Injection Attack
  • B. Parameter Tampering Attack
  • C. Directory Traversal Attack
  • D. XSS Attack

Answer: D


NEW QUESTION # 37
Which of the following is a set of standard guidelines for ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection?

  • A. HIPAA
  • B. FISMA
  • C. DARPA
  • D. PCI-DSS

Answer: D


NEW QUESTION # 38
Juliea, a SOC analyst, while monitoring logs, noticed large TXT and NULL payloads.
What does this indicate?

  • A. Covering Tracks Attempt
  • B. DHCP Starvation Attempt
  • C. DNS Exfiltration Attempt
  • D. Concurrent VPN Connections Attempt

Answer: C


NEW QUESTION # 39
Which of the following tools is used to recover from a web application incident?

  • A. CrowdStrike Falcon Orchestrator
  • B. Proxy Workbench
  • C. Smoothwall SWG
  • D. Symantec Secure Web Gateway

Answer: A


NEW QUESTION # 40
Which of the following formulas represents the risk level?

  • A. Level of risk = Consequence * Severity
  • B. Level of risk = Consequence * Asset Value
  • C. Level of risk = Consequence * Impact
  • D. Level of risk = Consequence * Likelihood

Answer: D


NEW QUESTION # 41
Which of the following services provides phishing protection and content filtering to manage the Internet experience on and off your network in line with acceptable use or compliance policies?

  • A. Malstrom
  • B. Apility.io
  • C. I-Blocklist
  • D. OpenDNS

Answer: D


NEW QUESTION # 42
Chloe, a SOC analyst with Jake Tech, is checking Linux system logs. She is investigating the file at /var/log/wtmp.
What is Chloe looking at?

  • A. Error log
  • B. Login records
  • C. System boot log
  • D. General message and system-related stuff

Answer: B


NEW QUESTION # 43
According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low and the impact of that attack is major?

  • A. Medium
  • B. Low
  • C. High
  • D. Extreme

Answer: A


NEW QUESTION # 44
Which of the following contains the performance measures and proper project and time management details?

  • A. Incident Response Policy
  • B. Incident Response Process
  • C. Incident Response Tactics
  • D. Incident Response Procedures

Answer: A


NEW QUESTION # 45
In which log collection mechanism does the system or application send log records either to the local disk or over the network?

  • A. push-based
  • B. signature-based
  • C. rule-based
  • D. pull-based

Answer: A


NEW QUESTION # 46
Which of the following attacks can be eradicated by disabling "allow_url_fopen" and "allow_url_include" in the php.ini file?

  • A. File Injection Attacks
  • B. URL Injection Attacks
  • C. Command Injection Attacks
  • D. LDAP Injection Attacks

Answer: B


NEW QUESTION # 47
......

312-39 Deluxe Study Guide with Online Test Engine: https://www.dumpsvalid.com/312-39-still-valid-exam.html

312-39 Test Prep Training Practice Exam Questions Practice Tests: https://drive.google.com/open?id=1BdtQ__5B_MU9Ejxa0gVVVnUYvI7Yd_hO