Weekend Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

ECCouncil Updated 312-85 Exam Questions and Answers by hadi

Page: 3 / 3

ECCouncil 312-85 Exam Overview :

Exam Name: Certified Threat Intelligence Analyst (CTIA)
Exam Code: 312-85 Dumps
Vendor: ECCouncil Certification: CTIA
Questions: 50 Q&A's Shared By: hadi
Question 12

Tim is working as an analyst in an ABC organization. His organization had been facing many challenges in converting the raw threat intelligence data into meaningful contextual information. After inspection, he found that it was due to noise obtained from misrepresentation of data from huge data collections. Hence, it is important to clean the data before performing data analysis using techniques such as data reduction. He needs to choose an appropriate threat intelligence framework that automatically performs data collection, filtering, and analysis for his organization.

Which of the following threat intelligence frameworks should he choose to perform such task?

Options:

A.

HighCharts

B.

SIGVERIF

C.

Threat grid

D.

TC complete

Discussion
Question 13

A network administrator working in an ABC organization collected log files generated by a traffic monitoring system, which may not seem to have useful information, but afterperforming proper analysis by him, the same information can be used to detect an attack in the network.

Which of the following categories of threat information has he collected?

Options:

A.

Advisories

B.

Strategic reports

C.

Detection indicators

D.

Low-level data

Discussion
Question 14

Jame, a professional hacker, is trying to hack the confidential information of a target organization. He identified the vulnerabilities in the target system and created a tailored deliverable malicious payload using an exploit and a backdoor to send it to the victim.

Which of the following phases of cyber kill chain methodology is Jame executing?

Options:

A.

Reconnaissance

B.

Installation

C.

Weaponization

D.

Exploitation

Discussion
Ayesha
They are study materials that are designed to help students prepare for exams and certification tests. They are basically a collection of questions and answers that are likely to appear on the test.
Ayden Oct 16, 2024
That sounds interesting. Why are they useful? Planning this week, hopefully help me. Can you give me PDF if you have ?
Syeda
I passed, Thank you Cramkey for your precious Dumps.
Stella Aug 25, 2024
That's great. I think I'll give Cramkey Dumps a try.
Robin
Cramkey is highly recommended.
Jonah Oct 16, 2024
Definitely. If you're looking for a reliable and effective study resource, look no further than Cramkey Dumps. They're simply wonderful!
Alessia
Amazing Dumps. Found almost all questions in actual exam whih I prepared from these valuable dumps. Recommended!!!!
Belle Nov 2, 2024
That's impressive. I've been struggling with finding good study material for my certification. Maybe I should give Cramkey Dumps a try.
Neve
Will I be able to achieve success after using these dumps?
Rohan Oct 24, 2024
Absolutely. It's a great way to increase your chances of success.
Question 15

Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive data. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information and so on.

What should Jim do to detect the data staging before the hackers exfiltrate from the network?

Options:

A.

Jim should identify the attack at an initial stage by checking the content of the user agent field.

B.

Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.

C.

Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.

D.

Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.

Discussion
Page: 3 / 3

312-85
PDF

$36.75  $104.99

312-85 Testing Engine

$43.75  $124.99

312-85 PDF + Testing Engine

$57.75  $164.99