[2024年03月07日] 最新312-39のPDF問題集リアル無料テスト本日更新です [Q34-Q54]

[2024年03月07日] 最新312-39のPDF問題集リアル無料テスト本日更新です

312-39問題集には100%厳密検証された問題と解答で合格保証もしくは全額返金

質問 # 34
Which of the following attack can be eradicated by disabling of "allow_url_fopen and allow_url_include" in the php.ini file?

A. URL Injection Attacks
B. LDAP Injection Attacks
C. Command Injection Attacks
D. File Injection Attacks

正解：A

質問 # 35
John as a SOC analyst is worried about the amount of Tor traffic hitting the network. He wants to prepare a dashboard in the SIEM to get a graph to identify the locations from where the TOR traffic is coming.
Which of the following data source will he use to prepare the dashboard?

A. DHCP/Logs capable of maintaining IP addresses or hostnames with IPtoName resolution.
B. DNS/ Web Server logs with IP addresses.
C. Apache/ Web Server logs with IP addresses and Host Name.
D. IIS/Web Server logs with IP addresses and user agent IPtouseragent resolution.

正解：A

解説：

質問 # 36
Which of the following attack can be eradicated by disabling of "allow_url_fopen and allow_url_include" in the php.ini file?

A. LDAP Injection Attacks
B. Command Injection Attacks
C. URL Injection Attacks
D. File Injection Attacks

正解：D

解説：

質問 # 37
Which attack works like a dictionary attack, but adds some numbers and symbols to the words from the dictionary and tries to crack the password?

A. Birthday Attack
B. Rainbow Table Attack
C. Hybrid Attack
D. Bruteforce Attack

正解：D

質問 # 38
Which of the following factors determine the choice of SIEM architecture?

A. SMTP Configuration
B. DNS Configuration
C. DHCP Configuration
D. Network Topology

正解：B

質問 # 39
Which of the following attack inundates DHCP servers with fake DHCP requests to exhaust all available IP addresses?

A. DHCP Cache Poisoning
B. DHCP Spoofing Attack
C. DHCP Starvation Attacks
D. DHCP Port Stealing

正解：C

質問 # 40
Identify the event severity level in Windows logs for the events that are not necessarily significant, but may indicate a possible future problem.

A. Warning
B. Information
C. Error
D. Failure Audit

正解：A

質問 # 41
Which of the following attack can be eradicated by using a safe API to avoid the use of the interpreter entirely?

A. LDAP Injection Attacks
B. SQL Injection Attacks
C. File Injection Attacks
D. Command Injection Attacks

正解：D

解説：

質問 # 42
Mike is an incident handler for PNP Infosystems Inc. One day, there was a ticket raised regarding a critical incident and Mike was assigned to handle the incident. During the process of incident handling, at one stage, he has performed incident analysis and validation to check whether the incident is a true incident or a false positive.
Identify the stage in which he is currently in.

A. Incident Recording and Assignment
B. Incident Triage
C. Post-Incident Activities
D. Incident Disclosure

正解：B

解説：

質問 # 43
Harley is working as a SOC analyst with Powell Tech. Powell Inc. is using Internet Information Service (IIS) version 7.0 to host their website.
Where will Harley find the web server logs, if he wants to investigate them for any anomalies?

A. SystemDrive%\inetpub\logs\LogFiles\W3SVCN
B. SystemDrive%\ inetpub\LogFiles\logs\W3SVCN
C. %SystemDrive%\LogFiles\logs\W3SVCN
D. SystemDrive%\LogFiles\inetpub\logs\W3SVCN

正解：D

質問 # 44
Which of the following framework describes the essential characteristics of an organization's security engineering process that must exist to ensure good security engineering?

A. SOC-CMM
B. SSE-CMM
C. COBIT
D. ITIL

正解：B

質問 # 45
An attacker, in an attempt to exploit the vulnerability in the dynamically generated welcome page, inserted code at the end of the company's URL as follows:
http://technosoft.com.com/<script>alert("WARNING: The application has encountered an error");</script>.
Identify the attack demonstrated in the above scenario.

A. Cross-site Scripting Attack
B. SQL Injection Attack
C. Session Attack
D. Denial-of-Service Attack

正解：C

質問 # 46
Which of the following is a default directory in a Mac OS X that stores security-related logs?

A. ~/Library/Logs
B. /Library/Logs/Sync
C. /var/log/cups/access_log
D. /private/var/log

正解：D

解説：

質問 # 47
David is a SOC analyst in Karen Tech. One day an attack is initiated by the intruders but David was not able to find any suspicious events.
This type of incident is categorized into?

A. False positive Incidents
B. True Positive Incidents
C. False Negative Incidents
D. True Negative Incidents

正解：C

解説：

質問 # 48
What is the correct sequence of SOC Workflow?

A. Collect, Ingest, Validate, Document, Report, Respond
B. Collect, Ingest, Document, Validate, Report, Respond
C. Collect, Ingest, Validate, Report, Respond, Document
D. Collect, Respond, Validate, Ingest, Report, Document

正解：A

質問 # 49
A type of threat intelligent that find out the information about the attacker by misleading them is known as
.

A. Threat trending Intelligence
B. Counter Intelligence
C. Detection Threat Intelligence
D. Operational Intelligence

正解：D

質問 # 50
Which of the following stage executed after identifying the required event sources?

A. Validating the event source against monitoring requirement
B. Identifying the monitoring Requirements
C. Implementing and Testing the Use Case
D. Defining Rule for the Use Case

正解：A

質問 # 51
Jane, a security analyst, while analyzing IDS logs, detected an event matching Regex /((\%3C)|<)((\%69)|i|(\%
49))((\%6D)|m|(\%4D))((\%67)|g|(\%47))[^\n]+((\%3E)|>)/|.
What does this event log indicate?

A. SQL Injection Attack
B. Directory Traversal Attack
C. Parameter Tampering Attack
D. XSS Attack

正解：D

質問 # 52
Which of the following Windows features is used to enable Security Auditing in Windows?

A. Windows Firewall
B. Windows Defender
C. Local Group Policy Editor
D. Bitlocker

正解：C

質問 # 53
In which phase of Lockheed Martin's - Cyber Kill Chain Methodology, adversary creates a deliverable malicious payload using an exploit and a backdoor?