Best Preparations of 312-85 Exam 2021 Certified Threat Intelligence Analyst Unlimited 50 Questions [Q29-Q48]

Share

Best Preparations of 312-85 Exam 2021 Certified Threat Intelligence Analyst Unlimited 50 Questions

Focus on 312-85 All-in-One Exam Guide For Quick Preparation.

NEW QUESTION 29
Which of the following components refers to a node in the network that routes the traffic from a workstation to external command and control server and helps in identification of installed malware in the network?

  • A. Repeater
  • B. Network interface card (NIC)
  • C. Hub
  • D. Gateway

Answer: D

 

NEW QUESTION 30
John, a professional hacker, is trying to perform APT attack on the target organization network. He gains access to a single system of a target organization and tries to obtain administrative login credentials to gain further access to the systems in the network using various techniques.
What phase of the advanced persistent threat lifecycle is John currently in?

  • A. Expansion
  • B. Initial intrusion
  • C. Persistence
  • D. Search and exfiltration

Answer: A

 

NEW QUESTION 31
In which of the following attacks does the attacker exploit vulnerabilities in a computer application before the software developer can release a patch for them?

  • A. Zero-day attack
  • B. Advanced persistent attack
  • C. Active online attack
  • D. Distributed network attack

Answer: A

 

NEW QUESTION 32
Moses, a threat intelligence analyst at InfoTec Inc., wants to find crucial information about the potential threats the organization is facing by using advanced Google search operators. He wants to identify whether any fake websites are hosted at the similar to the organization's URL.
Which of the following Google search queries should Moses use?

  • A. related: www.infothech.org
  • B. link: www.infothech.org
  • C. cache: www.infothech.org
  • D. info: www.infothech.org

Answer: A

 

NEW QUESTION 33
Cybersol Technologies initiated a cyber-threat intelligence program with a team of threat intelligence analysts. During the process, the analysts started converting the raw data into useful information by applying various techniques, such as machine-based techniques, and statistical methods.
In which of the following phases of the threat intelligence lifecycle is the threat intelligence team currently working?

  • A. Dissemination and integration
  • B. Analysis and production
  • C. Planning and direction
  • D. Processing and exploitation

Answer: A

 

NEW QUESTION 34
SecurityTech Inc. is developing a TI plan where it can drive more advantages in less funds. In the process of selecting a TI platform, it wants to incorporate a feature that ranks elements such as intelligence sources, threat actors, attacks, and digital assets of the organization, so that it can put in more funds toward the resources which are critical for the organization's security.
Which of the following key features should SecurityTech Inc. consider in their TI plan for selecting the TI platform?

  • A. Workflow
  • B. Scoring
  • C. Open
  • D. Search

Answer: B

 

NEW QUESTION 35
Bob, a threat analyst, works in an organization named TechTop. He was asked to collect intelligence to fulfil the needs and requirements of the Red Tam present within the organization.
Which of the following are the needs of a RedTeam?

  • A. Intelligence related to increased attacks targeting a particular software or operating system vulnerability
  • B. Intelligence on latest vulnerabilities, threat actors, and their tactics, techniques, and procedures (TTPs)
  • C. Intelligence extracted latest attacks analysis on similar organizations, which includes details about latest threats and TTPs
  • D. Intelligence that reveals risks related to various strategic business decisions

Answer: B

 

NEW QUESTION 36
An attacker instructs bots to use camouflage mechanism to hide his phishing and malware delivery locations in the rapidly changing network of compromised bots. In this particular technique, a single domain name consists of multiple IP addresses.
Which of the following technique is used by the attacker?

  • A. DNS zone transfer
  • B. DNS interrogation
  • C. Dynamic DNS
  • D. Fast-Flux DNS

Answer: D

 

NEW QUESTION 37
Jame, a professional hacker, is trying to hack the confidential information of a target organization. He identified the vulnerabilities in the target system and created a tailored deliverable malicious payload using an exploit and a backdoor to send it to the victim.
Which of the following phases of cyber kill chain methodology is Jame executing?

  • A. Installation
  • B. Exploitation
  • C. Reconnaissance
  • D. Weaponization

Answer: D

 

NEW QUESTION 38
Michael, a threat analyst, works in an organization named TechTop, was asked to conduct a cyber-threat intelligence analysis. After obtaining information regarding threats, he has started analyzing the information and understanding the nature of the threats.
What stage of the cyber-threat intelligence is Michael currently in?

  • A. Known knowns
  • B. Unknown unknowns
  • C. Unknowns unknown
  • D. Known unknowns

Answer: D

 

NEW QUESTION 39
Mr. Bob, a threat analyst, is performing analysis of competing hypotheses (ACH). He has reached to a stage where he is required to apply his analysis skills effectively to reject as many hypotheses and select the best hypotheses from the identified bunch of hypotheses, and this is done with the help of listed evidence. Then, he prepares a matrix where all the screened hypotheses are placed on the top, and the listed evidence for the hypotheses are placed at the bottom.
What stage of ACH is Bob currently in?

  • A. Refinement
  • B. Evidence
  • C. Diagnostics
  • D. Inconsistency

Answer: C

 

NEW QUESTION 40
In a team of threat analysts, two individuals were competing over projecting their own hypotheses on a given malware. However, to find logical proofs to confirm their hypotheses, the threat intelligence manager used a de-biasing strategy that involves learning strategic decision making in the circumstances comprising multistep interactions with numerous representatives, either having or without any perfect relevant information.
Which of the following de-biasing strategies the threat intelligence manager used to confirm their hypotheses?

  • A. Cognitive psychology
  • B. Decision theory
  • C. Game theory
  • D. Machine learning

Answer: B

 

NEW QUESTION 41
A threat analyst obtains an intelligence related to a threat, where the data is sent in the form of a connection request from a remote host to the server. From this data, he obtains only the IP address of the source and destination but no contextual information. While processing this data, he obtains contextual information stating that multiple connection requests from different geo-locations are received by the server within a short time span, and as a result, the server is stressed and gradually its performance has reduced. He further performed analysis on the information based on the past and present experience and concludes the attack experienced by the client organization.
Which of the following attacks is performed on the client organization?

  • A. MAC spoofing attack
  • B. DHCP attacks
  • C. Bandwidth attack
  • D. Distributed Denial-of-Service (DDoS) attack

Answer: D

 

NEW QUESTION 42
Karry, a threat analyst at an XYZ organization, is performing threat intelligence analysis. During the data collection phase, he used a data collection method that involves no participants and is purely based on analysis and observation of activities and processes going on within the local boundaries of the organization.
Identify the type data collection method used by the Karry.

  • A. Raw data collection
  • B. Exploited data collection
  • C. Passive data collection
  • D. Active data collection

Answer: C

 

NEW QUESTION 43
In which of the following storage architecture is the data stored in a localized system, server, or storage hardware and capable of storing a limited amount of data in its database and locally available for data usage?

  • A. Distributed storage
  • B. Cloud storage
  • C. Centralized storage
  • D. Object-based storage

Answer: D

 

NEW QUESTION 44
Kathy wants to ensure that she shares threat intelligence containing sensitive information with the appropriate audience. Hence, she used traffic light protocol (TLP).
Which TLP color would you signify that information should be shared only within a particular community?

  • A. White
  • B. Green
  • C. Red
  • D. Amber

Answer: D

 

NEW QUESTION 45
Andrews and Sons Corp. has decided to share threat information among sharing partners. Garry, a threat analyst, working in Andrews and Sons Corp., has asked to follow a trust model necessary to establish trust between sharing partners. In the trust model used by him, the first organization makes use of a body of evidence in a second organization, and the level of trust between two organizations depends on the degree and quality of evidence provided by the first organization.
Which of the following types of trust model is used by Garry to establish the trust?

  • A. Mediated trust
  • B. Validated trust
  • C. Direct historical trust
  • D. Mandated trust

Answer: B

 

NEW QUESTION 46
A team of threat intelligence analysts is performing threat analysis on malware, and each of them has come up with their own theory and evidence to support their theory on a given malware.
Now, to identify the most consistent theory out of all the theories, which of the following analytic processes must threat intelligence manager use?

  • A. Analysis of competing hypotheses (ACH)
  • B. Threat modelling
  • C. Application decomposition and analysis (ADA)
  • D. Automated technical analysis

Answer: A

 

NEW QUESTION 47
In which of the following forms of bulk data collection are large amounts of data first collected from multiple sources in multiple formats and then processed to achieve threat intelligence?

  • A. Unstructured form
  • B. Production form
  • C. Hybrid form
  • D. Structured form

Answer: A

 

NEW QUESTION 48
......

Guaranteed Success with 312-85 Dumps: https://www.fast2test.com/312-85-premium-file.html

Pass ECCouncil 312-85 Exam – Experts Are Here To Help You: https://drive.google.com/open?id=1vhGJ_77z1fvQHikxqfw8tftJPGthKFwb

Contact Us

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday

Support: Contact now 

日本語 Deutsch 繁体中文 한국어