Free Certified SOC Analyst Exam 312-39 Exam Practice Test

Which of the following formula represents the risk?

• Risk = Likelihood Severity Asset Value
• Risk = Likelihood Consequence Severity
• Risk = Likelihood Impact Severity
• Risk = Likelihood Impact Asset Value

John, a threat analyst at GreenTech Solutions, wants to gather information about specific threats against the organization. He started collecting information from various sources, such as humans, social media, chat room, and so on, and created a report that contains malicious activity.Which of the following types of threat intelligence did he use?

• Strategic Threat Intelligence
• Technical Threat Intelligence
• Tactical Threat Intelligence
• Operational Threat Intelligence

Which of the following tool is used to recover from web application incident?

• CrowdStrike FalconTM Orchestrator
• Symantec Secure Web Gateway
• Smoothwall SWG
• Proxy Workbench

Whichof the following technique protects from flooding attacks originated from the valid prefixes (IP addresses) so that they can be traced to its true source?

• Rate Limiting
• Egress Filtering
• Ingress Filtering
• Throttling

Which of the following Windows features is used to enable Security Auditing in Windows?

• Bitlocker
• Windows Firewall
• Local Group Policy Editor
• Windows Defender

Which of the following tool can be used to filter web requests associated with the SQL Injection attack?

• Nmap
• UrlScan
• ZAP proxy
• Hydra

Which alert should be given least priority as per effective alert triaging?If the SIEM generates the following four alerts at the same time:

• I.Firewall blocking traffic from getting into the network alerts
• II.SQL injection attempt alerts
• III.Data deletion attempt alerts
• IV.Brute-force attempt alerts

Which of the following is a report writing tool that will help incident handlers to generate efficient reports on detected incidents during incident response process?

• threat_note
• MagicTree
• IntelMQ
• Malstrom

Robin , a SOC engineer in a multinational company, is planning to implement a SIEM. He realized that his organization is capable of performing only Correlation, Analytics, Reporting, Retention, Alerting, and Visualization required for the SIEM implementation and has to take collection and aggregation services from a Managed Security Services Provider (MSSP).What kind of SIEM is Robin planning to implement?

• Self-hosted, Self-Managed
• Self-hosted, MSSP Managed
• Hybrid Model, Jointly Managed
• Cloud, Self-Managed

Which of the following attack can be eradicated by filtering improper XML syntax?

• CAPTCHA Attacks
• SQL Injection Attacks
• Insufficient Logging and Monitoring Attacks
• Web Services Attacks