312-85 Free Practice Test

Alice, an analyst, shared information with security operation managers and network operations center (NOC) staff for protecting the organizational resources against various threats. Information shared by Alice was highly technical and include threat actor TTPs, malware campaigns, tools used by threat actors, and so on.
Which of the following types of threat intelligence was shared by Alice?

1. A. Strategic threat intelligence
2. B. Tactical threat intelligence
3. C. Technical threat intelligence
4. D. Operational threat intelligence

Correct Answer: C

Enrage Tech Company hired Enrique, a security analyst, for performing threat intelligence analysis. While performing data collection process, he used a counterintelligence mechanism where a recursive DNS server is employed to perform interserver DNS communication and when a request is generated from any name server to the recursive DNS server, the recursive DNS servers log the responses that are received. Then it replicates the logged data and stores the data in the central database. Using these logs, he analyzed the malicious attempts that took place over DNS infrastructure.
Which of the following cyber counterintelligence (CCI) gathering technique has Enrique used for data collection?

1. A. Data collection through passive DNS monitoring
2. B. Data collection through DNS interrogation
3. C. Data collection through DNS zone transfer
4. D. Data collection through dynamic DNS (DDNS)

Correct Answer: B

SecurityTech Inc. is developing a TI plan where it can drive more advantages in less funds. In the process of selecting a TI platform, it wants to incorporate a feature that ranks elements such as intelligence sources, threat actors, attacks, and digital assets of the organization, so that it can put in more funds toward the resources which are critical for the organization’s security.
Which of the following key features should SecurityTech Inc. consider in their TI plan for selecting the TI platform?

1. A. Search
2. B. Open
3. C. Workflow
4. D. Scoring

Correct Answer: D

A team of threat intelligence analysts is performing threat analysis on malware, and each of them has come up with their own theory and evidence to support their theory on a given malware.
Now, to identify the most consistent theory out of all the theories, which of the following analytic processes must threat intelligence manager use?

1. A. Threat modelling
2. B. Application decomposition and analysis (ADA)
3. C. Analysis of competing hypotheses (ACH)
4. D. Automated technical analysis

Correct Answer: C

Which of the following characteristics of APT refers to numerous attempts done by the attacker to gain entry to the target’s network?

1. A. Risk tolerance
2. B. Timeliness
3. C. Attack origination points
4. D. Multiphased

Correct Answer: C