312-85 Practice Questions

Kira works as a security analyst in an organization. She was asked to define and set up the requirements before collecting threat intelligence information. The requirements should focus on what must be collected in order to fulfil production intelligence.

Which of the following categories of threat intelligence requirements should Kira focus on?

You are a Security Operations Center (SOC) analyst responsible for monitoring and safeguarding the organization’s network. During routine activities, you identify a potential vulnerability that can expose critical systems to exploitation. In what specific aspect of cybersecurity would you actively engage in when addressing and mitigating this vulnerability?

Which of the following types of threat attribution deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target?

As the CEO of a multinational corporation, you focus on making decisions that align with the organization's long-term goals and overall business strategies. What type of threat intelligence would be most valuable in guiding your decisions to enhance a company's resilience against emerging cyber threats?

John, a professional hacker, is trying to perform APT attack on the target organization network. He gains access to a single system of a target organization and tries to obtain administrative login credentials to gain further access to the systems in the network using various techniques.

What phase of the advanced persistent threat lifecycle is John currently in?

What term describes the trust establishment process, wherein the first organization relies on a body of evidence presented to the second organization, and the level of trust is contingent upon the degree and quality of evidence provided by the initiating organization?

In a team of threat analysts, two individuals were competing over projecting their own hypotheses on a given malware. However, to find logical proofs to confirm their hypotheses, the threat intelligence manager used a de-biasing strategy that involves learning strategic decision making in the circumstances comprising multistep interactions with numerous representatives, either having or without any perfect relevant information.

Which of the following de-biasing strategies the threat intelligence manager used to confirm their hypotheses?

SecurityTech Inc. is developing a TI plan where it can drive more advantages in less funds. In the process of selecting a TI platform, it wants to incorporate a feature that ranks elements such as intelligence sources, threat actors, attacks, and digital assets of the organization, so that it can put in more funds toward the resources which are critical for the organization’s security.

Which of the following key features should SecurityTech Inc. consider in their TI plan for selecting the TI platform?

An organization, namely Highlander, Inc., decided to integrate threat intelligence into the incident response process for rapid detection and recovery from various security incidents.

In which of the following phases of the incident response management does the organization utilize operational and tactical threat intelligence to provide context to the alerts generated by various security mechanisms?

An analyst is conducting threat intelligence analysis in a client organization, and during the information gathering process, he gathered information from the publicly available sources and analyzed to obtain a rich useful form of intelligence. The information source that he used is primarily used for national security, law enforcement, and for collecting intelligence required for business or strategic decision making.

Which of the following sources of intelligence did the analyst use to collect information?