Online 312-85 Practice TestMore EC-Council Products >

Free EC-Council 312-85 Exam Dumps Questions

EC-Council 312-85: Certified Threat Intelligence Analyst

- Get instant access to 312-85 practice exam questions

- Get ready to pass the Certified Threat Intelligence Analyst exam right now using our EC-Council 312-85 exam package, which includes EC-Council 312-85 practice test plus an EC-Council 312-85 Exam Simulator.

- The best online 312-85 exam study material and preparation tool is here.

4.5

(2520 ratings)

Question 1

An attacker instructs bots to use camouflage mechanism to hide his phishing and malware delivery locations in the rapidly changing network of compromised bots. In this particular technique, a single domain name consists of multiple IP addresses.
Which of the following technique is used by the attacker?

A. DNS zone transfer

B. Dynamic DNS

C. DNS interrogation

D. Fast-Flux DNS

Correct Answer:D

Question 2

Alice, a threat intelligence analyst at HiTech Cyber Solutions, wants to gather information for identifying emerging threats to the organization and implement essential techniques to prevent their systems and networks from such attacks. Alice is searching for online sources to obtain information such as the method used to launch an attack, and techniques and tools used to perform an attack and the procedures followed for covering the tracks after an attack.
Which of the following online sources should Alice use to gather such information?

A. Financial services

B. Social network settings

C. Hacking forums

D. Job sites

Correct Answer:C

Question 3

Steve works as an analyst in a UK-based firm. He was asked to perform network monitoring to find any evidence of compromise. During the network monitoring, he came to know that there are multiple logins from different locations in a short time span. Moreover, he also observed certain irregular log in patterns from locations where the organization does not have business relations. This resembles that somebody is trying to steal confidential information.
Which of the following key indicators of compromise does this scenario present?

A. Unusual outbound network traffic

B. Unexpected patching of systems

C. Unusual activity through privileged user account

D. Geographical anomalies

Correct Answer:C

Question 4

Michael, a threat analyst, works in an organization named TechTop, was asked to conduct a cyber-threat intelligence analysis. After obtaining information regarding threats, he has started analyzing the information and understanding the nature of the threats.
What stage of the cyber-threat intelligence is Michael currently in?

A. Unknown unknowns

B. Unknowns unknown

C. Known unknowns

D. Known knowns

Correct Answer:C

Question 5

In which of the following attacks does the attacker exploit vulnerabilities in a computer application before the software developer can release a patch for them?

A. Active online attack

B. Zero-day attack

C. Distributed network attack

D. Advanced persistent attack

Correct Answer:B

Question 6

Andrews and Sons Corp. has decided to share threat information among sharing partners. Garry, a threat analyst, working in Andrews and Sons Corp., has asked to follow a trust model necessary to establish trust between sharing partners. In the trust model used by him, the first organization makes use of a body of evidence in a second organization, and the level of trust between two organizations depends on the degree and quality of evidence provided by the first organization.
Which of the following types of trust model is used by Garry to establish the trust?

A. Mediated trust

B. Mandated trust

C. Direct historical trust

D. Validated trust

Correct Answer:D

START 312-85 EXAM