ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-39 All Questions

View all questions & answers for the 312-39 exam
Go to Exam

Exam 312-39 topic 1 question 90 discussion

Actual exam question from ECCouncil's 312-39
Question #: 90
Topic #: 1
[All 312-39 Questions]

Charline is working as an L2 SOC Analyst. One day, an L1 SOC Analyst escalated an incident to her for further investigation and confirmation. Charline, after a thorough investigation, confirmed the incident and assigned it with an initial priority.
What would be her next action according to the SOC workflow?

  • A. She should immediately escalate this issue to the management
  • B. She should immediately contact the network administrator to solve the problem
  • C. She should communicate this incident to the media immediately
  • D. She should formally raise a ticket and forward it to the IRT
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Keapa_a at Dec. 19, 2022, 5:45 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Ruso_1985
5 months, 3 weeks ago
The correcto answer is D.
upvoted 1 times
...
Man_San
1 year, 10 months ago
Selected Answer: D
the correct answer is D When SOC Analyst-L2 identifies that security, issues have occurred he/she will forward them to the incident response team. A SOC Analyst-L2 works like a team member and also communicates with outside stakeholders. EC-council SOC ebook - p12
upvoted 1 times
...
Keapa_a
2 years, 4 months ago
D. She should formally raise a ticket and forward it to the IRT L1 escalates and forwards an incidence to L2 for a deeper investigation and confirms its indeed a True positive, Then L2 forwards it for the IRT for remediation.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago