312-39 EC-Council Exam Questions and Free Practice Test

Question 25

Jason, a SOC Analyst with Maximus Tech, was investigating Cisco ASA Firewall logs and came across the following log entry:
May 06 2018 21:27:27 asa 1: %ASA -5 – 11008: User 'enable_15' executed the 'configure term' command What does the security level in the above log indicates?

A. Warning condition message

B. Critical condition message

C. Normal but significant message

D. Informational message

Correct Answer:A

Question 26

What does the HTTP status codes 1XX represents?

A. Informational message

B. Client error

C. Success

D. Redirection

Correct Answer:A

Question 27

Chloe, a SOC analyst with Jake Tech, is checking Linux systems logs. She is investigating files at /var/log/ wtmp.
What Chloe is looking at?

A. Error log

B. System boot log

C. General message and system-related stuff

D. Login records

Correct Answer:D

Question 28

In which of the following incident handling and response stages, the root cause of the incident must be found from the forensic results?

A. Evidence Gathering

B. Evidence Handling

C. Eradication

D. Systems Recovery

Correct Answer:A

Question 29

In which log collection mechanism, the system or application sends log records either on the local disk or over the network.

A. rule-based

B. pull-based

C. push-based

D. signature-based

Correct Answer:A

Question 30

The threat intelligence, which will help you, understand adversary intent and make informed decision to ensure appropriate security in alignment with risk.
What kind of threat intelligence described above?

A. Tactical Threat Intelligence

B. Strategic Threat Intelligence

C. Functional Threat Intelligence

D. Operational Threat Intelligence

Correct Answer:B

START 312-39 EXAM