Special Summer Discounts Limited Time 55% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 63r59951

312-39 Certified SOC Analyst (CSA) Questions and Answers

Questions 4

Peter, a SOC analyst with Spade Systems, is monitoring and analyzing the router logs of the company and wanted to check the logs that are generated by access control list numbered 210.

What filter should Peter add to the 'show logging' command to get the required output?

Options:

A.

show logging | access 210

B.

show logging | forward 210

C.

show logging | include 210

D.

show logging | route 210

Buy Now
Questions 5

What does [-n] in the following checkpoint firewall log syntax represents?

fw log [-f [-t]] [-n] [-l] [-o] [-c action] [-h host] [-s starttime] [-e endtime] [-b starttime endtime] [-u unification_scheme_file] [-m unification_mode(initial|semi|raw)] [-a] [-k (alert name|all)] [-g] [logfile]

Options:

A.

Speed up the process by not performing IP addresses DNS resolution in the Log files

B.

Display both the date and the time for each log record

C.

Display account log records only

D.

Display detailed log chains (all the log segments a log record consists of)

Buy Now
Questions 6

Which of the following service provides phishing protection and content filtering to manage the Internet experience on and off your network with the acceptable use or compliance policies?

Options:

A.

Apility.io

B.

Malstrom

C.

OpenDNS

D.

I-Blocklist

Buy Now
Questions 7

Bonney's system has been compromised by a gruesome malware.

What is the primary step that is advisable to Bonney in order to contain the malware incident from spreading?

Options:

A.

Complaint to police in a formal way regarding the incident

B.

Turn off the infected machine

C.

Leave it to the network administrators to handle

D.

Call the legal department in the organization and inform about the incident

Buy Now
Questions 8

Identify the password cracking attempt involving a precomputed dictionary of plaintext passwords and their corresponding hash values to crack the password.

Options:

A.

Dictionary Attack

B.

Rainbow Table Attack

C.

Bruteforce Attack

D.

Syllable Attack

Buy Now
Questions 9

John, SOC analyst wants to monitor the attempt of process creation activities from any of their Windows endpoints.

Which of following Splunk query will help him to fetch related logs associated with process creation?

Options:

A.

index=windows LogName=Security EventCode=4678 NOT (Account_Name=*$) .. .. ... ..

B.

index=windows LogName=Security EventCode=4688 NOT (Account_Name=*$) .. .. ..

C.

index=windows LogName=Security EventCode=3688 NOT (Account_Name=*$) .. .. ..

D.

index=windows LogName=Security EventCode=5688 NOT (Account_Name=*$) ... ... ...

Buy Now
Questions 10

Which of the following attack inundates DHCP servers with fake DHCP requests to exhaust all available IP addresses?

Options:

A.

DHCP Starvation Attacks

B.

DHCP Spoofing Attack

C.

DHCP Port Stealing

D.

DHCP Cache Poisoning

Buy Now
Questions 11

Which of the log storage method arranges event logs in the form of a circular buffer?

Options:

A.

FIFO

B.

LIFO

C.

non-wrapping

D.

wrapping

Buy Now
Questions 12

Which of the following technique protects from flooding attacks originated from the valid prefixes (IP addresses) so that they can be traced to its true source?

Options:

A.

Rate Limiting

B.

Egress Filtering

C.

Ingress Filtering

D.

Throttling

Buy Now
Questions 13

Which of the following framework describes the essential characteristics of an organization's security engineering process that must exist to ensure good security engineering?

Options:

A.

COBIT

B.

ITIL

C.

SSE-CMM

D.

SOC-CMM

Buy Now
Questions 14

Which of the following formula represents the risk?

Options:

A.

Risk = Likelihood × Severity × Asset Value

B.

Risk = Likelihood × Consequence × Severity

C.

Risk = Likelihood × Impact × Severity

D.

Risk = Likelihood × Impact × Asset Value

Buy Now
Questions 15

Which of the following is a set of standard guidelines for ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection?

Options:

A.

FISMA

B.

HIPAA

C.

PCI-DSS

D.

DARPA

Buy Now
Exam Code: 312-39
Exam Name: Certified SOC Analyst (CSA)
Last Update: Aug 19, 2022
Questions: 100

PDF + Testing Engine

$79.2  $175.99

Testing Engine

$59.4  $131.99
buy now 312-39 testing engine

PDF (Q&A)

$49.5  $109.99
buy now 312-39 pdf