March Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

ECCouncil 312-85 Certified Threat Intelligence Analyst Exam Practice Test

Page: 1 / 5
Total 49 questions

Certified Threat Intelligence Analyst Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$36  $119.99

PDF Study Guide

  • Product Type: PDF Study Guide
$31.5  $104.99
Question 1

In which of the following storage architecture is the data stored in a localized system, server, or storage hardware and capable of storing a limited amount of data in its database and locally available for data usage?

Options:

A.

Distributed storage

B.

Object-based storage

C.

Centralized storage

D.

Cloud storage

Question 2

Moses, a threat intelligence analyst at InfoTec Inc., wants to find crucial information about the potential threats the organization is facing by using advanced Google search operators. He wants to identify whether any fake websites are hosted at the similar to the organization’s URL.

Which of the following Google search queries should Moses use?

Options:

A.

related: www.infothech.org

B.

info: www.infothech.org

C.

link: www.infothech.org

D.

cache: www.infothech.org

Question 3

An analyst is conducting threat intelligence analysis in a client organization, and during the information gathering process, he gathered information from the publicly available sources and analyzed to obtain a rich useful form of intelligence. The information source that he used is primarily used for national security, law enforcement, and for collecting intelligence required for business or strategic decision making.

Which of the following sources of intelligence did the analyst use to collect information?

Options:

A.

OPSEC

B.

ISAC

C.

OSINT

D.

SIGINT

Question 4

Steve works as an analyst in a UK-based firm. He was asked to perform network monitoring to find any evidence of compromise. During the network monitoring, he came to know that there are multiple logins from different locations in a short time span. Moreover, he also observed certain irregular log in patterns from locations where the organization does not have business relations. This resembles that somebody is trying to steal confidential information.

Which of the following key indicators of compromise does this scenario present?

Options:

A.

Unusual outbound network traffic

B.

Unexpected patching of systems

C.

Unusual activity through privileged user account

D.

Geographical anomalies

Question 5

Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive data. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information and so on.

What should Jim do to detect the data staging before the hackers exfiltrate from the network?

Options:

A.

Jim should identify the attack at an initial stage by checking the content of the user agent field.

B.

Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.

C.

Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.

D.

Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.

Question 6

Jian is a member of the security team at Trinity, Inc. He was conducting a real-time assessment of system activities in order to acquire threat intelligence feeds. He acquired feeds from sources like honeynets, P2P monitoring. infrastructure, and application logs.

Which of the following categories of threat intelligence feed was acquired by Jian?

Options:

A.

Internal intelligence feeds

B.

External intelligence feeds

C.

CSV data feeds

D.

Proactive surveillance feeds

Question 7

Alison, an analyst in an XYZ organization, wants to retrieve information about a company’s website from the time of its inception as well as the removed information from the target website.

What should Alison do to get the information he needs.

Options:

A.

Alison should use SmartWhois to extract the required website information.

B.

Alison should use https://archive.org to extract the required website information.

C.

Alison should run the Web Data Extractor tool to extract the required website information.

D.

Alison should recover cached pages of the website from the Google search engine cache to extract the required website information.

Page: 1 / 5
Total 49 questions