Online Access Free 312-39 Exam Questions

In which log collection mechanism, the system or application sends log records either on the local disk or over the network.

• A.signature-based
• B.pull-based
• C.rule-based
• D.push-based

Rinni, SOC analyst, while monitoring IDS logs detected events shown in the figure below.

What does this event log indicate?

• A.SQL Injection Attack
• B.Parameter Tampering Attack
• C.Directory Traversal Attack
• D.XSS Attack

Wesley is an incident handler in a company named Maddison Tech. One day, he was learning techniques for eradicating the insecure deserialization attacks.
What among the following should Wesley avoid from considering?

• A.Validate untrusted input, which is to be serialized to ensure that serialized data contain only trusted classes
• B.Deserialization of trusted data must cross a trust boundary
• C.Allow serialization for security-sensitive classes
• D.Understand the security permissions given to serialization and deserialization

Which of the following formula is used to calculate the EPS of the organization?

• A.EPS = average number of correlated events / time in seconds
• B.EPS = number of correlated events / time in seconds
• C.EPS = number of normalized events / time in seconds
• D.EPS = number of security events / time in seconds

Harley is working as a SOC analyst with Powell Tech. Powell Inc. is using Internet Information Service (IIS) version 7.0 to host their website.
Where will Harley find the web server logs, if he wants to investigate them for any anomalies?

• A.%SystemDrive%\LogFiles\logs\W3SVCN
• B.SystemDrive%\ inetpub\LogFiles\logs\W3SVCN
• C.SystemDrive%\LogFiles\inetpub\logs\W3SVCN
• D.SystemDrive%\inetpub\logs\LogFiles\W3SVCN