EC-Council 312-39 Exam
Certified SOC Analyst (Page 3)

Updated On: 7-Feb-2026

Ray is a SOC analyst in a company named Queens Tech. One day, Queens Tech is affected by a DoS/DDoS attack. To contain this incident, Ray and his team are trying to provide additional bandwidth to the network devices and increase the capacity of the servers.

What are Ray and his team doing?

  A. Blocking the Attacks
  B. Diverting the Traffic
  C. Degrading the services
  D. Absorbing the Attack

Answer(s): D



Identify the attack in which an attacker, through trial and error, can read the contents of a password file present in the restricted etc folder just by manipulating the URL in the browser, as shown:

http://www.terabytes.com/process.php./../../../../etc/passwd

  A. Directory Traversal Attack
  B. SQL Injection Attack
  C. Denial-of-Service Attack
  D. Form Tampering Attack

Answer(s): B


Reference:

https://doc.lagout.org/security/SQL%20Injection%20Attacks%20and%20Defense.pdf



Which encoding replaces unusual ASCII characters with "%" followed by the character’s two-digit ASCII code expressed in hexadecimal?

  A. Unicode Encoding
  B. UTF Encoding
  C. Base64 Encoding
  D. URL Encoding

Answer(s): D


Reference:

https://ktflash.gitbooks.io/ceh_v9/content/125_countermeasures.html



Which of the following formulas represents risk?

  A. Risk = Likelihood × Severity × Asset Value
  B. Risk = Likelihood × Consequence × Severity
  C. Risk = Likelihood × Impact × Severity
  D. Risk = Likelihood × Impact × Asset Value

Answer(s): B



The Syslog message severity levels are labelled from level 0 to level 7. What does level 0 indicate?

  A. Alert
  B. Notification
  C. Emergency
  D. Debugging

Answer(s): B





