312-85 Certified Threat Intelligence Analyst

Question 4

Alice, an analyst, shared information with security operation managers and network operations center (NOC) staff to protect organizational resources against various threats. The information shared by Alice was highly technical and included threat actor TTPs, malware campaigns, tools used by threat actors, and so on.

Which of the following types of threat intelligence was shared by Alice?

  • Strategic threat intelligence

  • Tactical threat intelligence

  • Technical threat intelligence

  • Operational threat intelligence

Question 5

Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated the organization's network and used a data staging technique to collect sensitive data. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information, and so on.

What should Jim do to detect the data staging before the hackers exfiltrate the data from the network?

  • Jim should identify the attack at an initial stage by checking the content of the user agent field.

  • Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.

  • Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.

  • Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.

Question 6

Andrews and Sons Corp. has decided to share threat information among sharing partners. Garry, a threat analyst working at Andrews and Sons Corp., has been asked to follow a trust model necessary to establish trust between sharing partners. In the trust model used by him, the first organization makes use of a body of evidence in a second organization, and the level of trust between the two organizations depends on the degree and quality of evidence provided by the first organization.

Which of the following types of trust model is used by Garry to establish the trust?

  • Mediated trust

  • Mandated trust

  • Direct historical trust

  • Validated trust