Cisco®
Oracle
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-39

Free EC-Council 312-39 Exam Braindumps (page: 5)

Page 5 of 26
PDF with 100 Questions

Which of the following command is used to view iptables logs on Ubuntu and Debian distributions?

  1. $ tailf /var/log/sys/kern.log
  2. $ tailf /var/log/kern.log
  3. # tailf /var/log/messages
  4. # tailf /var/log/sys/messages

Answer(s): B


Reference:

https://tecadmin.net/enable-logging-in-iptables-on-linux/



Which of the following technique involves scanning the headers of IP packets leaving a network to make sure that the unauthorized or malicious traffic never leaves the internal network?

  1. Egress Filtering
  2. Throttling
  3. Rate Limiting
  4. Ingress Filtering

Answer(s): A


Reference:

https://grokdesigns.com/wp-content/uploads/2018/04/CEH-v9-Notes.pdf (99)



Which of the following formula is used to calculate the EPS of the organization?

  1. EPS = average number of correlated events / time in seconds
  2. EPS = number of normalized events / time in seconds
  3. EPS = number of security events / time in seconds
  4. EPS = number of correlated events / time in seconds

Answer(s): A



Juliea a SOC analyst, while monitoring logs, noticed large TXT, NULL payloads. What does this indicate?

  1. Concurrent VPN Connections Attempt
  2. DNS Exfiltration Attempt
  3. Covering Tracks Attempt
  4. DHCP Starvation Attempt

Answer(s): B


Reference:

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwj8gZaKq_PuAhWGi1wKHfQTC0oQFjAAegQIARAD&url=https%3A%2F%2Fconf.splunk.com%2Fsession%2F2014%2Fconf2014_FredWilmotSanfordOwings_Splunk_Security.pdf&usg=AOvVaw3ZLfzGqM-VUG7xKtze67ac



Viewing page 5 of 26
Viewing questions 17 - 20 out of 100 questions



Post your Comments and Discuss EC-Council 312-39 exam prep with other Community members:

312-39 Exam Discussions & Posts