Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-39

EC-Council 312-39 Exam Questions
Certified SOC Analyst (Page 4 )

Updated On: 18-Apr-2026
Page 4 of 21
PDF with 100 Questions

Where will you find the reputation IP database, if you want to monitor traffic from known bad IP reputation using OSSIM SIEM?

  1. /etc/ossim/reputation
  2. /etc/ossim/siem/server/reputation/data
  3. /etc/siem/ossim/server/reputation.data
  4. /etc/ossim/server/reputation.data

Answer(s): A



According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low and the impact of that attack is major?

  1. High
  2. Extreme
  3. Low
  4. Medium

Answer(s): C


Reference:

https://www.moheri.gov.om/userupload/Policy/IT%20Risk%20Management%20Framework.pdf (17)



Which of the following command is used to view iptables logs on Ubuntu and Debian distributions?

  1. $ tailf /var/log/sys/kern.log
  2. $ tailf /var/log/kern.log
  3. # tailf /var/log/messages
  4. # tailf /var/log/sys/messages

Answer(s): B


Reference:

https://tecadmin.net/enable-logging-in-iptables-on-linux/



Which of the following technique involves scanning the headers of IP packets leaving a network to make sure that the unauthorized or malicious traffic never leaves the internal network?

  1. Egress Filtering
  2. Throttling
  3. Rate Limiting
  4. Ingress Filtering

Answer(s): A


Reference:

https://grokdesigns.com/wp-content/uploads/2018/04/CEH-v9-Notes.pdf (99)



Which of the following formula is used to calculate the EPS of the organization?

  1. EPS = average number of correlated events / time in seconds
  2. EPS = number of normalized events / time in seconds
  3. EPS = number of security events / time in seconds
  4. EPS = number of correlated events / time in seconds

Answer(s): A



Viewing page 4 of 21
Viewing questions 16 - 20 out of 100 questions



Post your Comments and Discuss EC-Council 312-39 exam dumps with other Community members:

312-39 Exam Discussions & Posts

AI Tutor AI Tutor 👋 I’m here to help!