Free Cisco 300-215 Exam Actual Questions

The questions for 300-215 were last updated on Nov 17, 2024

Question No. 1

A security team detected an above-average amount of inbound tcp/135 connection attempts from unidentified senders. The security team is responding based on their incident response playbook. Which two elements are part of the eradication phase for this incident? (Choose two.)

Correct Answer: C, D

Question No. 2

An attacker embedded a macro within a word processing file opened by a user in an organization's legal department. The attacker used this technique to gain access to confidential financial data. Which two recommendations should a security expert make to mitigate this type of attack? (Choose two.)

Correct Answer: A, C

Question No. 3

Which technique is used to evade detection from security products by executing arbitrary code in the address space of a separate live operation?

Correct Answer: A

Question No. 4

Refer to the exhibit.

An employee notices unexpected changes and setting modifications on their workstation and creates an incident ticket. A support specialist checks processes and services but does not identify anything suspicious. The ticket was escalated to an analyst who reviewed this event log and also discovered that the workstation had multiple large data dumps on network shares. What should be determined from this information?

Correct Answer: B

Question No. 5

Refer to the exhibit.

Which element in this email is an indicator of attack?

Correct Answer: C