Special Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

ECCouncil Updated 312-85 Exam Questions and Answers by hadi

Page: 3 / 3

ECCouncil 312-85 Exam Overview :

Exam Name: Certified Threat Intelligence Analyst (CTIA)
Exam Code: 312-85 Dumps
Vendor: ECCouncil Certification: CTIA
Questions: 50 Q&A's Shared By: hadi
Question 12

Tim is working as an analyst in an ABC organization. His organization had been facing many challenges in converting the raw threat intelligence data into meaningful contextual information. After inspection, he found that it was due to noise obtained from misrepresentation of data from huge data collections. Hence, it is important to clean the data before performing data analysis using techniques such as data reduction. He needs to choose an appropriate threat intelligence framework that automatically performs data collection, filtering, and analysis for his organization.

Which of the following threat intelligence frameworks should he choose to perform such task?

Options:

A.

HighCharts

B.

SIGVERIF

C.

Threat grid

D.

TC complete

Discussion
Question 13

A network administrator working in an ABC organization collected log files generated by a traffic monitoring system, which may not seem to have useful information, but afterperforming proper analysis by him, the same information can be used to detect an attack in the network.

Which of the following categories of threat information has he collected?

Options:

A.

Advisories

B.

Strategic reports

C.

Detection indicators

D.

Low-level data

Discussion
Question 14

Jame, a professional hacker, is trying to hack the confidential information of a target organization. He identified the vulnerabilities in the target system and created a tailored deliverable malicious payload using an exploit and a backdoor to send it to the victim.

Which of the following phases of cyber kill chain methodology is Jame executing?

Options:

A.

Reconnaissance

B.

Installation

C.

Weaponization

D.

Exploitation

Discussion
Osian
Dumps are fantastic! I recently passed my certification exam using these dumps and I must say, they are 100% valid.
Azaan Aug 8, 2024
They are incredibly accurate and valid. I felt confident going into my exam because the dumps covered all the important topics and the questions were very similar to what I saw on the actual exam. The team of experts behind Cramkey Dumps make sure the information is relevant and up-to-date.
Zayaan
Successfully aced the exam… Thanks a lot for providing amazing Exam Dumps.
Harmony Sep 10, 2024
That's fantastic! I'm glad to hear that their dumps helped you. I also used them and found it accurate.
Josephine
I want to ask about their study material and Customer support? Can anybody guide me?
Zayd Oct 22, 2024
Yes, the dumps or study material provided by them are authentic and up to date. They have a dedicated team to assist students and make sure they have a positive experience.
Ace
No problem! I highly recommend Cramkey Dumps to anyone looking to pass their certification exams. They will help you feel confident and prepared on exam day. Good luck!
Harris Oct 31, 2024
That sounds amazing. I'll definitely check them out. Thanks for the recommendation!
Question 15

Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive data. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information and so on.

What should Jim do to detect the data staging before the hackers exfiltrate from the network?

Options:

A.

Jim should identify the attack at an initial stage by checking the content of the user agent field.

B.

Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.

C.

Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.

D.

Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.

Discussion
Page: 3 / 3

312-85
PDF

$36.75  $104.99

312-85 Testing Engine

$43.75  $124.99

312-85 PDF + Testing Engine

$57.75  $164.99