| Exam Code/Number: | 312-39 |
| Exam Name: | Certified SOC Analyst (CSA) |
| Certification: | EC-COUNCIL |
| Question Number: | 202 |
| Publish Date: | Jun 11, 2026 |
Identify the type of attack an attacker is attempting on the www.example.com website.
The SOC team is tasked with enhancing the security of an organization's network infrastructure. The organization's public-facing web servers, which handle customer transactions, need to be isolated from the internal private network containing sensitive employee data and proprietary systems. The goal is to create a buffer zone that limits exposure of internal systems if the web servers are compromised during a cyberattack, such as a DDoS or SQL injection attempt. As a SOC analyst, which network architecture component would you recommend implementing to establish this isolated region?
A government agency needs to monitor its network for unusual data exfiltration attempts. Traditional log data is insufficient to identify traffic anomalies, so the SIEM team integrates traffic flow data to detect large transfers and unexpected spikes. The team must choose the appropriate protocol to collect IP traffic information from routers and switches. Which protocol should be used?
The Security Operations Center (SOC) team is investigating a suspected malware incident during the Analysis Phase of their incident response process. Their primary goal is to validate the initial detection, ensure the threat is real, and gather critical intelligence to understand the scope of the attack. Which action should the SOC team take to confirm initial findings and eliminate false alarms?
In a large corporation, the HR department receives an urgent email from someone impersonating a high-level executive, requesting immediate transfer of sensitive employee data. The email includes an official-looking document and a phone number for verification. Feeling pressured, the HR manager calls the number and "confirms" the request, then transfers the data. Investigation later confirms the email was fraudulent and the executive had no knowledge of the request. What type of attack did the HR department face?
EC-COUNCIL.312-39.v2024-07-05.q86
Jul 05, 2024
EC-COUNCIL.312-39.v2023-11-02.q53
Nov 02, 2023
EC-COUNCIL.312-39.v2022-10-04.q33
Oct 04, 2022
EC-COUNCIL.312-39.v2022-04-25.q33
Apr 25, 2022