Exam Details

  • Exam Code: 312-39
  • Exam Name: EC-Council Certified SOC Analyst (CSA)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 100 Q&As
  • Last Updated: Apr 12, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-39 Questions & Answers

  • Question 51:

    Wesley is an incident handler in a company named Maddison Tech. One day, he was learning techniques for eradicating insecure deserialization attacks. Which of the following should Wesley avoid considering?

    A. Deserialization of trusted data must cross a trust boundary

    B. Understand the security permissions given to serialization and deserialization

    C. Allow serialization for security-sensitive classes

    D. Validate untrusted input, which is to be serialized to ensure that serialized data contain only trusted classes

  • Question 52:

    An attacker, in an attempt to exploit the vulnerability in the dynamically generated welcome page, inserted code at the end of the company's URL as follows:

    http://technosoft.com.com/.

    Identify the attack demonstrated in the above scenario.

    A. Cross-site Scripting Attack

    B. SQL Injection Attack

    C. Denial-of-Service Attack

    D. Session Attack

  • Question 53:

    According to the Risk Matrix table, what will be the risk level when the probability of an attack is very high, and the impact of that attack is major? NOTE: It is mandatory to answer the question before proceeding to the next one.

    A. High

    B. Extreme

    C. Low

    D. Medium

  • Question 54:

    John, a SOC analyst, while monitoring and analyzing Apache web server logs, identified an event log matching Regex /(\.|(%|%25)2E)(\.|(%|%25)2E)(\/|(%|%25)2F|\\|(%|%25)5C)/i. What does this event log indicate?

    A. XSS Attack

    B. SQL injection Attack

    C. Directory Traversal Attack

    D. Parameter Tampering Attack

  • Question 55:

    Which of the following data sources can be used to detect the traffic associated with Bad Bot User-Agents?

    A. Windows Event Log

    B. Web Server Logs

    C. Router Logs

    D. Switch Logs

  • Question 56:

    Daniel is a member of an IRT, which was started recently in a company named Mesh Tech. He wanted to find the purpose and scope of the planned incident response capabilities. What is he looking for?

    A. Incident Response Intelligence

    B. Incident Response Mission

    C. Incident Response Vision

    D. Incident Response Resources

  • Question 57:

    Cyber threat intelligence, when properly applied, helps the SOC team discover TTPs. What do these TTPs refer to?

    A. Tactics, Techniques, and Procedures

    B. Tactics, Threats, and Procedures

    C. Targets, Threats, and Process

    D. Tactics, Targets, and Process

  • Question 58:

    Which of the following types of threat intelligence is used by a SIEM to supply analysts with context and "situational awareness" by using threat actor TTPs, malware campaigns, and tools used by threat actors?

    1. Strategic threat intelligence

    2. Tactical threat intelligence

    3. Operational threat intelligence

    4. Technical threat intelligence

    A. 2 and 3

    B. 1 and 3

    C. 3 and 4

    D. 1 and 2

  • Question 59:

    Chloe, a SOC analyst with Jake Tech, is checking Linux system logs. She is investigating files at /var/log/wtmp. What is Chloe looking at?

    A. Error log

    B. System boot log

    C. General message and system-related stuff

    D. Login records

  • Question 60:

    A type of threat intelligence that finds out information about attackers by misleading them is known as __________.

    A. Threat trending Intelligence

    B. Detection Threat Intelligence

    C. Operational Intelligence

    D. Counter Intelligence
