A threat analyst wants to incorporate a requirement in the threat knowledge repository that provides an ability to modify or delete past or irrelevant threat data.
Which of the following requirements must he include in the threat knowledge repository to fulfil his needs?
A. Protection ranking
B. Searchable functionality
C. Data management
D. Evaluating performance
Correct answer: C
Question 2:
Karry, a threat analyst at an XYZ organization, is performing threat intelligence analysis. During the data collection phase, he used a data collection method that involves no participants and is purely based on analysis and observation of activities and processes going on within the local boundaries of the organization.
Identify the type of data collection method used by Karry.
A. Passive data collection
B. Active data collection
C. Raw data collection
D. Exploited data collection
Correct answer: A
Question 3:
Steve works as an analyst in a UK-based firm. He was asked to perform network monitoring to find any evidence of compromise. During the network monitoring, he found multiple logins from different locations within a short time span. He also observed irregular login patterns from locations where the organization does not have business relations. This suggests that somebody is trying to steal confidential information.
Which of the following key indicators of compromise does this scenario present?
A. Unexpected patching of systems
B. Geographical anomalies
C. Unusual activity through privileged user account
D. Unusual outbound network traffic
Correct answer: B
Question 4:
A threat analyst obtains intelligence related to a threat, where the data is sent in the form of a connection request from a remote host to the server. From this data, he obtains only the IP addresses of the source and destination but no contextual information. While processing this data, he obtains contextual information stating that multiple connection requests from different geo-locations are received by the server within a short time span and, as a result, the server is stressed and its performance has gradually degraded. He then analyzes the information based on past and present experience and concludes which attack the client organization experienced.
Which of the following attacks is performed on the client organization?
A. DHCP attacks
B. MAC spoofing attack
C. Bandwidth attack
D. Distributed Denial-of-Service (DDoS) attack
Correct answer: D
Question 5:
Alison, an analyst in an XYZ organization, wants to retrieve information about a company's website from the time of its inception, as well as information that has been removed from the target website.
What should Alison do to get the information he needs?
A. Alison should use SmartWhois to extract the required website information.
B. Alison should use https://archive.org to extract the required website information.
C. Alison should recover cached pages of the website from the Google search engine cache to extract the required website information.
D. Alison should run the Web Data Extractor tool to extract the required website information.
Correct answer: B
Nakatani -
Many of the questions I received appeared on the actual exam.
Thanks to you, I was able to pass. It really helped. Thank you very much.