Month End Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

ECCouncil Updated 312-85 Exam Questions and Answers by hadi

Page: 3 / 3

ECCouncil 312-85 Exam Overview :

Exam Name: Certified Threat Intelligence Analyst (CTIA)
Exam Code: 312-85 Dumps
Vendor: ECCouncil Certification: CTIA
Questions: 50 Q&A's Shared By: hadi
Question 12

Tim is working as an analyst in an ABC organization. His organization had been facing many challenges in converting the raw threat intelligence data into meaningful contextual information. After inspection, he found that it was due to noise obtained from misrepresentation of data from huge data collections. Hence, it is important to clean the data before performing data analysis using techniques such as data reduction. He needs to choose an appropriate threat intelligence framework that automatically performs data collection, filtering, and analysis for his organization.

Which of the following threat intelligence frameworks should he choose to perform such task?

Options:

A.

HighCharts

B.

SIGVERIF

C.

Threat grid

D.

TC complete

Discussion
Question 13

A network administrator working in an ABC organization collected log files generated by a traffic monitoring system, which may not seem to have useful information, but afterperforming proper analysis by him, the same information can be used to detect an attack in the network.

Which of the following categories of threat information has he collected?

Options:

A.

Advisories

B.

Strategic reports

C.

Detection indicators

D.

Low-level data

Discussion
Rosalie
I passed. I would like to tell all students that they should definitely give Cramkey Dumps a try.
Maja Aug 30, 2024
That sounds great. I'll definitely check them out. Thanks for the suggestion!
Cody
I used Cramkey Dumps to prepare and a lot of the questions on the exam were exactly what I found in their study materials.
Eric Sep 13, 2024
Really? That's great to hear! I used Cramkey Dumps too and I had the same experience. The questions were almost identical.
Norah
Cramkey is highly recommended.
Zayan Oct 17, 2024
Definitely. If you're looking for a reliable and effective study resource, look no further than Cramkey Dumps. They're simply wonderful!
Peyton
Hey guys. Guess what? I passed my exam. Thanks a lot Cramkey, your provided information was relevant and reliable.
Coby Sep 6, 2024
Thanks for sharing your experience. I think I'll give Cramkey a try for my next exam.
Addison
Want to tell everybody through this platform that I passed my exam with excellent score. All credit goes to Cramkey Exam Dumps.
Libby Aug 9, 2024
That's good to know. I might check it out for my next IT certification exam. Thanks for the info.
Question 14

Jame, a professional hacker, is trying to hack the confidential information of a target organization. He identified the vulnerabilities in the target system and created a tailored deliverable malicious payload using an exploit and a backdoor to send it to the victim.

Which of the following phases of cyber kill chain methodology is Jame executing?

Options:

A.

Reconnaissance

B.

Installation

C.

Weaponization

D.

Exploitation

Discussion
Question 15

Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive data. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information and so on.

What should Jim do to detect the data staging before the hackers exfiltrate from the network?

Options:

A.

Jim should identify the attack at an initial stage by checking the content of the user agent field.

B.

Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.

C.

Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.

D.

Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.

Discussion
Page: 3 / 3

312-85
PDF

$36.75  $104.99

312-85 Testing Engine

$43.75  $124.99

312-85 PDF + Testing Engine

$57.75  $164.99