All About Accurate 312-85 Exams

It is impossible to pass EC-Council 312-85 exam without any help in the short term. Come to Testking soon and find the most advanced, correct and guaranteed EC-Council 312-85 practice questions. You will get a surprising result by our Leading Certified Threat Intelligence Analyst practice guides.

Online 312-85 free questions and answers of New Version:

Which of the following types of threat attribution deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target?

  • A. Nation-state attribution
  • B. True attribution
  • C. Campaign attribution
  • D. Intrusion-set attribution

Answer: B

Kim, an analyst, is looking for an intelligence-sharing platform to gather and share threat information from a variety of sources. He wants to use this information to develop security policies to enhance the overall security posture of his organization.
Which of the following sharing platforms should be used by Kim?

  • A. Cuckoo sandbox
  • B. OmniPeek
  • C. PortDroid network analysis
  • D. Blueliv threat exchange network

Answer: D

Alison, an analyst in an XYZ organization, wants to retrieve information about a company’s website from the time of its inception as well as the removed information from the target website.
What should Alison do to get the information he needs.

  • A. Alison should use SmartWhois to extract the required website information.
  • B. Alison should use to extract the required website information.
  • C. Alison should run the Web Data Extractor tool to extract the required website information.
  • D. Alison should recover cached pages of the website from the Google search engine cache to extract the required website information.

Answer: C

Jian is a member of the security team at Trinity, Inc. He was conducting a real-time assessment of system activities in order to acquire threat intelligence feeds. He acquired feeds from sources like honeynets, P2P monitoring. infrastructure, and application logs.
Which of the following categories of threat intelligence feed was acquired by Jian?

  • A. Internal intelligence feeds
  • B. External intelligence feeds
  • C. CSV data feeds
  • D. Proactive surveillance feeds

Answer: A

Daniel is a professional hacker whose aim is to attack a system to steal data and money for profit. He performs hacking to obtain confidential data such as social security numbers, personally identifiable information (PII) of an employee, and credit card information. After obtaining confidential data, he further sells the information on the black market to make money.
Daniel comes under which of the following types of threat actor.

  • A. Industrial spies
  • B. State-sponsored hackers
  • C. Insider threat
  • D. Organized hackers

Answer: D

ABC is a well-established cyber-security company in the United States. The organization implemented the automation of tasks such as data enrichment and indicator aggregation. They also joined various communities to increase their knowledge about the emerging threats. However, the security teams can only detect and prevent identified threats in a reactive approach.
Based on threat intelligence maturity model, identify the level of ABC to know the stage at which the
organization stands with its security and vulnerabilities.

  • A. Level 2: increasing CTI capabilities
  • B. Level 3: CTI program in place
  • C. Level 1: preparing for CTI
  • D. Level 0: vague where to start

Answer: A

Kathy wants to ensure that she shares threat intelligence containing sensitive information with the appropriate audience. Hence, she used traffic light protocol (TLP).
Which TLP color would you signify that information should be shared only within a particular community?

  • A. Red
  • B. White
  • C. Green
  • D. Amber

Answer: D

An analyst is conducting threat intelligence analysis in a client organization, and during the information gathering process, he gathered information from the publicly available sources and analyzed to obtain a rich useful form of intelligence. The information source that he used is primarily used for national security, law enforcement, and for collecting intelligence required for business or strategic decision making.
Which of the following sources of intelligence did the analyst use to collect information?

  • A. OPSEC
  • B. ISAC
  • C. OSINT

Answer: C

In which of the following forms of bulk data collection are large amounts of data first collected from multiple sources in multiple formats and then processed to achieve threat intelligence?

  • A. Structured form
  • B. Hybrid form
  • C. Production form
  • D. Unstructured form

Answer: D

Bob, a threat analyst, works in an organization named TechTop. He was asked to collect intelligence to fulfil the needs and requirements of the Red Tam present within the organization.
Which of the following are the needs of a RedTeam?

  • A. Intelligence related to increased attacks targeting a particular software or operating system vulnerability
  • B. Intelligence on latest vulnerabilities, threat actors, and their tactics, techniques, and procedures (TTPs)
  • C. Intelligence extracted latest attacks analysis on similar organizations, which includes details about latest threats and TTPs
  • D. Intelligence that reveals risks related to various strategic business decisions

Answer: B

Moses, a threat intelligence analyst at InfoTec Inc., wants to find crucial information about the potential threats the organization is facing by using advanced Google search operators. He wants to identify whether any fake websites are hosted at the similar to the organization’s URL.
Which of the following Google search queries should Moses use?

  • A. related:
  • B. info:
  • C. link:
  • D. cache:

Answer: A

Tyrion, a professional hacker, is targeting an organization to steal confidential information. He wants to perform website footprinting to obtain the following information, which is hidden in the web page header.
Connection status and content type
Accept-ranges and last-modified information
X-powered-by information
Web server in use and its version
Which of the following tools should the Tyrion use to view header content?

  • A. Hydra
  • B. AutoShun
  • C. Vanguard enforcer
  • D. Burp suite

Answer: D

Alice, an analyst, shared information with security operation managers and network operations center (NOC) staff for protecting the organizational resources against various threats. Information shared by Alice was highly technical and include threat actor TTPs, malware campaigns, tools used by threat actors, and so on.
Which of the following types of threat intelligence was shared by Alice?

  • A. Strategic threat intelligence
  • B. Tactical threat intelligence
  • C. Technical threat intelligence
  • D. Operational threat intelligence

Answer: C

SecurityTech Inc. is developing a TI plan where it can drive more advantages in less funds. In the process of selecting a TI platform, it wants to incorporate a feature that ranks elements such as intelligence sources, threat actors, attacks, and digital assets of the organization, so that it can put in more funds toward the resources which are critical for the organization’s security.
Which of the following key features should SecurityTech Inc. consider in their TI plan for selecting the TI platform?

  • A. Search
  • B. Open
  • C. Workflow
  • D. Scoring

Answer: D

In a team of threat analysts, two individuals were competing over projecting their own hypotheses on a given malware. However, to find logical proofs to confirm their hypotheses, the threat intelligence manager used a de-biasing strategy that involves learning strategic decision making in the circumstances comprising multistep interactions with numerous representatives, either having or without any perfect relevant information.
Which of the following de-biasing strategies the threat intelligence manager used to confirm their hypotheses?

  • A. Game theory
  • B. Machine learning
  • C. Decision theory
  • D. Cognitive psychology

Answer: C


P.S. Surepassexam now are offering 100% pass ensure 312-85 dumps! All 312-85 exam questions have been updated with correct answers: (49 New Questions)