
312-39 Online Practice Questions and Answers

Questions 4

Which of the following formulas represents risk?

A. Risk = Likelihood × Severity × Asset Value

B. Risk = Likelihood × Consequence × Severity

C. Risk = Likelihood × Impact × Severity

D. Risk = Likelihood × Impact × Asset Value

Questions 5

Which of the following Windows features is used to enable Security Auditing in Windows?

A. Bitlocker

B. Windows Firewall

C. Local Group Policy Editor

D. Windows Defender

Questions 6

Which of the following security technologies is used to attract and trap people who attempt unauthorized or illicit utilization of the host system?

A. De-Militarized Zone (DMZ)

B. Firewall

C. Honeypot

D. Intrusion Detection System

Questions 7

Which of the following is a Threat Intelligence Platform?

A. SolarWinds MS

B. TC Complete

C. Keepnote

D. Apility.io

Questions 8

Jason, a SOC Analyst with Maximus Tech, was investigating Cisco ASA Firewall logs and came across the following log entry:

May 06 2018 21:27:27 asa 1: %ASA-5-11008: User 'enable_15' executed the 'configure term' command

What does the security level in the above log indicate?

A. Warning condition message

B. Critical condition message

C. Normal but significant message

D. Informational message

Questions 9

What is the correct sequence of the SOC workflow?

A. Collect, Ingest, Validate, Document, Report, Respond

B. Collect, Ingest, Document, Validate, Report, Respond

C. Collect, Respond, Validate, Ingest, Report, Document

D. Collect, Ingest, Validate, Report, Respond, Document

Questions 10

Which of the following fields in Windows logs defines the type of event that occurred, such as Correlation Hint, Response Time, SQM, WDI Context, and so on?

A. Keywords

B. Task Category

C. Level

D. Source

Questions 11

What does [-n] in the following Check Point firewall log syntax represent?

fw log [-f [-t]] [-n] [-l] [-o] [-c action] [-h host] [-s starttime] [-e endtime] [-b starttime endtime] [-u unification_scheme_file] [-m unification_mode(initial|semi|raw)] [-a] [-k (alert name|all)] [-g] [logfile]

A. Speed up the process by not performing IP addresses DNS resolution in the Log files

B. Display both the date and the time for each log record

C. Display account log records only

D. Display detailed log chains (all the log segments a log record consists of)

Questions 12

Which of the following data sources will a SOC Analyst use to monitor connections to insecure ports?

A. Netstat Data

B. DNS Data

C. IIS Data

D. DHCP Data

Questions 13

Which of the following processes refers to the discarding of packets at the routing level without informing the source that the data did not reach its intended recipient?

A. Load Balancing

B. Rate Limiting

C. Black Hole Filtering

D. Drop Requests

Exam Code: 312-39
Exam Name: Certified SOC Analyst (CSA)
Last Update: Apr 13, 2024
Questions: 100