Certified SOC Analyst (CSA) Free Practice Exam Questions

94 real Certified SOC Analyst (CSA) exam questions with answers and AI explanations. EC-Council certification prep — page 7 of 10.

  1. Question 63: Which of the following Windows features is used to enable Security Auditing in Windows?
  2. Question 64: Which of the following attacks causes sudden changes in file extensions or increase in file renames at rapid speed?
  3. Question 65: What does [-n] in the following checkpoint firewall log syntax represents? fw log [-f [-t]] [-n] [-l] [-o] [-c action] [-h host] [-s starttime] [-e endtime] [-…
  4. Question 66: What does Windows event ID 4740 indicate?
  5. Question 67: Which of the following attack inundates DHCP servers with fake DHCP requests to exhaust all available IP addresses?
  6. Question 68: Which of the following is a correct flow of the stages in an incident handling and response (IH&R) process?
  7. Question 69: Chloe, a SOC analyst with Jake Tech, is checking Linux systems logs. She is investigating files at /var/log/wtmp. What Chloe is looking at?
  8. Question 70: What does HTTPS Status code 403 represents?
  9. Question 71: Jane, a security analyst, while analyzing IDS logs, detected an event matching Regex /((\%3C)|<)((\%69)|i|(\%49))((\%6D)|m|(\%4D))((\%67)|g|(\%47))[^\n]+((\%3E…
  10. Question 72: The threat intelligence, which will help you, understand adversary intent and make informed decision to ensure appropriate security in alignment with risk. Wha…