Free 312-85 Exam Braindumps (page: 3)

Page 3 of 13

Enrage Tech Company hired Enrique, a security analyst, to perform threat intelligence analysis. During the data collection process, he used a counterintelligence mechanism in which a recursive DNS server is employed to perform inter-server DNS communication; when a request is generated from any name server to the recursive DNS server, the recursive DNS server logs the responses it receives. It then replicates the logged data and stores it in the central database. Using these logs, he analyzed the malicious attempts that took place over the DNS infrastructure.

Which of the following cyber counterintelligence (CCI) gathering techniques did Enrique use for data collection?

  A. Data collection through passive DNS monitoring
  B. Data collection through DNS interrogation
  C. Data collection through DNS zone transfer
  D. Data collection through dynamic DNS (DDNS)

Answer(s): B



John, a professional hacker, is trying to perform an APT attack on the target organization's network. He gains access to a single system of the target organization and tries to obtain administrative login credentials, using various techniques, to gain further access to the systems in the network.
What phase of the advanced persistent threat lifecycle is John currently in?

  A. Initial intrusion
  B. Search and exfiltration
  C. Expansion
  D. Persistence

Answer(s): C



Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated the organization's network and used a data staging technique to collect sensitive data. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information, and so on.
What should Jim do to detect the data staging before the hackers exfiltrate the data from the network?

  A. Jim should identify the attack at an initial stage by checking the content of the user agent field.
  B. Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.
  C. Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.
  D. Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.

Answer(s): C



Andrews and Sons Corp. has decided to share threat information among sharing partners. Garry, a threat analyst working at Andrews and Sons Corp., has been asked to follow a trust model necessary to establish trust between sharing partners. In the trust model he uses, the first organization makes use of a body of evidence in a second organization, and the level of trust between the two organizations depends on the degree and quality of evidence provided by the first organization.

Which of the following types of trust model is used by Garry to establish the trust?

  A. Mediated trust
  B. Mandated trust
  C. Direct historical trust
  D. Validated trust

Answer(s): D



Post your Comments and Discuss EC-Council 312-85 exam with other Community members:

Kamekar commented on May 25, 2024
Passed this exam on May 19. This exam dump is good and valid.
UNITED KINGDOM