ECCouncil 312-85 - Certified Threat Intelligence Analyst Exam

Page:    1 / 10   
Total 49 questions

Daniel is a professional hacker whose aim is to attack a system to steal data and money for profit. He performs hacking to obtain confidential data such as social security numbers, personally identifiable information (PII) of an employee, and credit card information. After obtaining confidential data, he further sells the information on the black market to make money.
Daniel comes under which of the following types of threat actor.

  • A. Industrial spies
  • B. State-sponsored hackers
  • C. Insider threat
  • D. Organized hackers


Answer : D

An attacker instructs bots to use camouflage mechanism to hide his phishing and malware delivery locations in the rapidly changing network of compromised bots. In this particular technique, a single domain name consists of multiple IP addresses.
Which of the following technique is used by the attacker?

  • A. DNS zone transfer
  • B. Dynamic DNS
  • C. DNS interrogation
  • D. Fast-Flux DNS


Answer : D

Kathy wants to ensure that she shares threat intelligence containing sensitive information with the appropriate audience. Hence, she used traffic light protocol (TLP).
Which TLP color would you signify that information should be shared only within a particular community?

  • A. Red
  • B. White
  • C. Green
  • D. Amber


Answer : D

Moses, a threat intelligence analyst at InfoTec Inc., wants to find crucial information about the potential threats the organization is facing by using advanced Google search operators. He wants to identify whether any fake websites are hosted at the similar to the organization’s URL.
Which of the following Google search queries should Moses use?

  • A. related: www.infothech.org
  • B. info: www.infothech.org
  • C. link: www.infothech.org
  • D. cache: www.infothech.org


Answer : A

A team of threat intelligence analysts is performing threat analysis on malware, and each of them has come up with their own theory and evidence to support their theory on a given malware.
Now, to identify the most consistent theory out of all the theories, which of the following analytic processes must threat intelligence manager use?

  • A. Threat modelling
  • B. Application decomposition and analysis (ADA)
  • C. Analysis of competing hypotheses (ACH)
  • D. Automated technical analysis


Answer : C

Page:    1 / 10   
Total 49 questions