312-39 EC-Council Exam Questions and Free Practice Test

Question 7

An organization is implementing and deploying the SIEM with following capabilities.
312-39 dumps exhibit
What kind of SIEM deployment architecture the organization is planning to implement?

A. Cloud, MSSP Managed

B. Self-hosted, Jointly Managed

C. Self-hosted, Self-Managed

D. Self-hosted, MSSP Managed

Correct Answer:A

Question 8

Which of the following process refers to the discarding of the packets at the routing level without informing the source that the data did not reach its intended recipient?

A. Load Balancing

B. Rate Limiting

C. Black Hole Filtering

D. Drop Requests

Correct Answer:C

Question 9

Rinni, SOC analyst, while monitoring IDS logs detected events shown in the figure below.
312-39 dumps exhibit
What does this event log indicate?

A. Directory Traversal Attack

B. XSS Attack

C. SQL Injection Attack

D. Parameter Tampering Attack

Correct Answer:D

Question 10

What does Windows event ID 4740 indicate?

A. A user account was locked out.

B. A user account was disabled.

C. A user account was enabled.

D. A user account was created.

Correct Answer:A

Question 11

What does HTTPS Status code 403 represents?

A. Unauthorized Error

B. Not Found Error

C. Internal Server Error

D. Forbidden Error

Correct Answer:D

Question 12

Wesley is an incident handler in a company named Maddison Tech. One day, he was learning techniques for eradicating the insecure deserialization attacks.
What among the following should Wesley avoid from considering?

A. Deserialization of trusted data must cross a trust boundary

B. Understand the security permissions given to serialization and deserialization

C. Allow serialization for security-sensitive classes

D. Validate untrusted input, which is to be serialized to ensure that serialized data contain only trusted classes

Correct Answer:C

START 312-39 EXAM