ECCouncil 312-85 - Certified Threat Intelligence Analyst Exam
Page: 2 / 18
Total 88 questions
Question #6 (Topic: Exam A)
Miley, an analyst, wants to reduce the amount of collected data and make the storing and sharing process easy. She uses filtering, tagging, and queuing technique to sort out the relevant and structured data from the large amounts of unstructured data.
Which of the following techniques was employed by Miley?
Which of the following techniques was employed by Miley?
A. Sandboxing
B. Normalization
C. Data visualization
D. Convenience sampling
Answer: B
Question #7 (Topic: Exam A)
Bob, a threat analyst, works in an organization named TechTop. He was asked to collect intelligence to fulfil the needs and requirements of the Red Tam present within the organization.
Which of the following are the needs of a RedTeam?
Which of the following are the needs of a RedTeam?
A. Intelligence related to increased attacks targeting a particular software or operating system vulnerability
B. Intelligence on latest vulnerabilities, threat actors, and their tactics, techniques, and procedures (TTPs)
C. Intelligence extracted latest attacks analysis on similar organizations, which includes details about latest threats and TTPs
D. Intelligence that reveals risks related to various strategic business decisions
Answer: B
Question #8 (Topic: Exam A)
Michael, a threat analyst, works in an organization named TechTop, was asked to conduct a cyber-threat intelligence analysis. After obtaining information regarding threats, he has started analyzing the information and understanding the nature of the threats.
What stage of the cyber-threat intelligence is Michael currently in?
What stage of the cyber-threat intelligence is Michael currently in?
A. Unknown unknowns
B. Unknowns unknown
C. Known unknowns
D. Known knowns
Answer: C
Question #9 (Topic: Exam A)
Enrage Tech Company hired Enrique, a security analyst, for performing threat intelligence analysis. While performing data collection process, he used a counterintelligence mechanism where a recursive DNS server is employed to perform interserver DNS communication and when a request is generated from any name server to the recursive DNS server, the recursive DNS servers log the responses that are received. Then it replicates the logged data and stores the data in the central database. Using these logs, he analyzed the malicious attempts that took place over DNS infrastructure.
Which of the following cyber counterintelligence (CCI) gathering technique has Enrique used for data collection?
Which of the following cyber counterintelligence (CCI) gathering technique has Enrique used for data collection?
A. Data collection through passive DNS monitoring
B. Data collection through DNS interrogation
C. Data collection through DNS zone transfer
D. Data collection through dynamic DNS (DDNS)
Answer: A
Question #10 (Topic: Exam A)
John, a professional hacker, is trying to perform APT attack on the target organization network. He gains access to a single system of a target organization and tries to obtain administrative login credentials to gain further access to the systems in the network using various techniques.
What phase of the advanced persistent threat lifecycle is John currently in?
What phase of the advanced persistent threat lifecycle is John currently in?
A. Initial intrusion
B. Search and exfiltration
C. Expansion
D. Persistence
Answer: C
