Certified SOC Analyst (CSA) (312-39) - EC Council Actual Exam Questions
Last updated on May 13, 2026
Chloe, a SOC analyst with Jake Tech, is checking Linux systems logs. She is investigating files at /var/log/ wtmp. What Chloe is looking at?
Error log
System boot log
General message and system-related stuff
Login records
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low and the impact of that attack is major?
High
Extreme
Low
Medium
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
Mike is an incident handler for PNP Infosystems Inc. One day, there was a ticket raised regarding a critical incident and Mike was assigned to handle the incident. During the process of incident handling, at one stage, he has performed incident analysis and validation to check whether the incident is a true incident or a false positive. Identify the stage in which he is currently in.
Post-Incident Activities
Incident Recording and Assignment
Incident Triage
Incident Disclosure
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
Which of the following command is used to enable logging in iptables?
$ iptables -B INPUT -j LOG
$ iptables -A OUTPUT -j LOG
$ iptables -A INPUT -j LOG
$ iptables -B OUTPUT -j LOG
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
In which log collection mechanism, the system or application sends log records either on the local disk or over the network.
rule-based
pull-based
push-based
signature-based
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
Finish Practice?
Are you sure you want to finish? This will end your practice session.