Questions for the 312-39 were updated on: Nov 29, 2024
Bonney's system has been compromised by a gruesome malware.
What is the primary step Bonney should take to contain the malware incident and stop it from spreading?
B
According to the forensics investigation process, what is the next step carried out right after collecting the evidence?
A
Which one of the following is the correct flow for Setting Up a Computer Forensics Lab?
A
Reference:
https://info-savvy.com/setting-up-a-computer-forensics-lab/
Which of the following directories will contain logs related to printer access?
A
Which of the following commands is used to enable logging in iptables?
B
Reference:
https://tecadmin.net/enable-logging-in-iptables-on-linux/
Ray is a SOC analyst in a company named Queens Tech. One day, Queens Tech is affected by a DoS/DDoS attack. For the containment of this incident, Ray and his team are trying to provide additional bandwidth to the network devices and increase the capacity of the servers.
What is Ray and his team doing?
D
Identify the attack in which an attacker, through repeated trial and error, reads the contents of the password file in the restricted /etc directory just by manipulating the URL in the browser, as shown:
http://www.terabytes.com/process.php./../../../../etc/passwd
B
Reference:
https://doc.lagout.org/security/SQL%20Injection%20Attacks%20and%20Defense.pdf
Which encoding replaces unusual ASCII characters with "%" followed by the character's two-digit ASCII code expressed in hexadecimal?
D
Reference:
https://ktflash.gitbooks.io/ceh_v9/content/125_countermeasures.html
Which of the following formulas represents risk?
B
The Syslog message severity levels are labelled from level 0 to level 7.
What does level 0 indicate?
B
Where will you find the reputation IP database, if you want to monitor traffic from known bad IP reputations using OSSIM SIEM?
A
According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low and the impact of that attack is major?
C
Reference:
https://www.moheri.gov.om/userupload/Policy/IT%20Risk%20Management%20Framework.pdf (17)
Which of the following commands is used to view iptables logs on Ubuntu and Debian distributions?
B
Reference:
https://tecadmin.net/enable-logging-in-iptables-on-linux/
Which of the following techniques involves scanning the headers of IP packets leaving a network to make sure that unauthorized or malicious traffic never leaves the internal network?
A
Reference:
https://grokdesigns.com/wp-content/uploads/2018/04/CEH-v9-Notes.pdf (99)
Which of the following formulas is used to calculate the EPS of the organization?
A