
312-85 Practice Exam Questions and Answers

Certified Threat Intelligence Analyst (CTIA)

Last Update 2 days ago
Total Questions : 50

Question # 1

Enrage Tech Company hired Enrique, a security analyst, to perform threat intelligence analysis. During the data collection process, he used a counterintelligence mechanism in which a recursive DNS server is employed to perform interserver DNS communication; when a request is generated from any name server to the recursive DNS server, the recursive DNS server logs the responses that are received. It then replicates the logged data and stores it in a central database. Using these logs, he analyzed the malicious attempts that took place over the DNS infrastructure.

Which of the following cyber counterintelligence (CCI) gathering techniques has Enrique used for data collection?

Options:

A. Data collection through passive DNS monitoring
B. Data collection through DNS interrogation
C. Data collection through DNS zone transfer
D. Data collection through dynamic DNS (DDNS)

Question # 2

Daniel is a professional hacker whose aim is to attack a system to steal data and money for profit. He performs hacking to obtain confidential data such as social security numbers, personally identifiable information (PII) of an employee, and credit card information. After obtaining confidential data, he further sells the information on the black market to make money.

Daniel comes under which of the following types of threat actor?

Options:

A. Industrial spies
B. State-sponsored hackers
C. Insider threat
D. Organized hackers

Question # 3

Kim, an analyst, is looking for an intelligence-sharing platform to gather and share threat information from a variety of sources. He wants to use this information to develop security policies to enhance the overall security posture of his organization.

Which of the following sharing platforms should be used by Kim?

Options:

A. Cuckoo sandbox
B. OmniPeek
C. PortDroid network analysis
D. Blueliv threat exchange network

Question # 4

Miley, an analyst, wants to reduce the amount of collected data and make the storing and sharing process easy. She uses filtering, tagging, and queuing techniques to sort out the relevant and structured data from the large amounts of unstructured data.

Which of the following techniques was employed by Miley?

Options:

A. Sandboxing
B. Normalization
C. Data visualization
D. Convenience sampling

Question # 5

SecurityTech Inc. is developing a TI plan in which it can gain more advantages with less funding. In the process of selecting a TI platform, it wants to incorporate a feature that ranks elements such as intelligence sources, threat actors, attacks, and digital assets of the organization, so that it can put more funds toward the resources that are critical for the organization’s security.

Which of the following key features should SecurityTech Inc. consider in their TI plan for selecting the TI platform?

Options:

A. Search
B. Open
C. Workflow
D. Scoring

Question # 6

Jame, a professional hacker, is trying to hack the confidential information of a target organization. He identified the vulnerabilities in the target system and created a tailored deliverable malicious payload using an exploit and a backdoor to send it to the victim.

Which of the following phases of cyber kill chain methodology is Jame executing?

Options:

A. Reconnaissance
B. Installation
C. Weaponization
D. Exploitation

Question # 7

An XYZ organization hired Mr. Andrews, a threat analyst. In order to identify the threats and mitigate the effect of such threats, Mr. Andrews was asked to perform threat modeling. During the process of threat modeling, he collected important information about the threat actor and characterized the analytic behavior of the adversary, including technological details, goals, and motives that can be useful in building a strong countermeasure.

What stage of the threat modeling is Mr. Andrews currently in?

Options:

A. System modeling
B. Threat determination and identification
C. Threat profiling and attribution
D. Threat ranking

Question # 8

Which of the following types of threat attribution deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target?

Options:

A. Nation-state attribution
B. True attribution
C. Campaign attribution
D. Intrusion-set attribution

Question # 9

Walter and Sons Company has faced major cyber attacks and lost confidential data. The company has decided to concentrate more on the security rather than other resources. Therefore, they hired Alice, a threat analyst, to perform data analysis. Alice was asked to perform qualitative data analysis to extract useful information from collected bulk data.

Which of the following techniques will help Alice to perform qualitative data analysis?

Options:

A. Regression analysis, variance analysis, and so on
B. Numerical calculations, statistical modeling, measurement, research, and so on
C. Brainstorming, interviewing, SWOT analysis, Delphi technique, and so on
D. Finding links between data and discovering threat-related information

Question # 10

An analyst wants to disseminate the information effectively so that the consumers can acquire and benefit from the intelligence.

Which of the following criteria must an analyst consider in order to make the intelligence concise, to the point, accurate, and easily understandable, with the right balance between tables, narrative, numbers, graphics, and multimedia?

Options:

A. The right time
B. The right presentation
C. The right order
D. The right content

Question # 11

In which of the following storage architectures is the data stored in a localized system, server, or storage hardware that is capable of storing a limited amount of data in its database and is locally available for data usage?

Options:

A. Distributed storage
B. Object-based storage
C. Centralized storage
D. Cloud storage

Question # 12

Tim is working as an analyst in an ABC organization. His organization had been facing many challenges in converting the raw threat intelligence data into meaningful contextual information. After inspection, he found that it was due to noise obtained from misrepresentation of data from huge data collections. Hence, it is important to clean the data before performing data analysis using techniques such as data reduction. He needs to choose an appropriate threat intelligence framework that automatically performs data collection, filtering, and analysis for his organization.

Which of the following threat intelligence frameworks should he choose to perform such a task?

Options:

A. HighCharts
B. SIGVERIF
C. Threat grid
D. TC complete

Question # 13

Which of the following components refers to a node in the network that routes the traffic from a workstation to an external command and control server and helps in the identification of installed malware in the network?

Options:

A. Repeater
B. Gateway
C. Hub
D. Network interface card (NIC)

Question # 14

A network administrator working in an ABC organization collected log files generated by a traffic monitoring system, which may not seem to have useful information, but after he performs proper analysis, the same information can be used to detect an attack in the network.

Which of the following categories of threat information has he collected?

Options:

A. Advisories
B. Strategic reports
C. Detection indicators
D. Low-level data

Question # 15

In which of the following attacks does the attacker exploit vulnerabilities in a computer application before the software developer can release a patch for them?

Options:

A. Active online attack
B. Zero-day attack
C. Distributed network attack
D. Advanced persistent attack
