300-215無料問題集「Cisco Conducting Forensic Analysis & Incident Response Using Cisco Technologies for CyberOps」

質問 1

An engineer is investigating a ticket from the accounting department in which a user discovered an unexpected application on their workstation. Several alerts are seen from the intrusion detection system of unknown outgoing internet traffic from this workstation. The engineer also notices a degraded processing capability, which complicates the analysis process. Which two actions should the engineer take? (Choose two.)

（A）Disconnect from the network.

（B）Replace the faulty CPU.

（C）Format the workstation drives.

（D）Restore to a system recovery point.

（E）Take an image of the workstation.

正解：D、E 解答を投票する

質問 2

Which information is provided bout the object file by the "-h" option in the objdump line command objdump -b oasys -m vax -h fu.o?

（A）bfdname

（B）headers

（C）help

（D）debugging

正解：B 解答を投票する

質問 3

What is the goal of an incident response plan?

（A）to determine security weaknesses and recommend solutions

（B）to ensure systems are in place to prevent an attack

（C）to contain an attack and prevent it from spreading

（D）to identify critical systems and resources in an organization

正解：C 解答を投票する

質問 4

An engineer is investigating a ticket from the accounting department in which a user discovered an unexpected application on their workstation. Several alerts are seen from the intrusion detection system of unknown outgoing internet traffic from this workstation. The engineer also notices a degraded processing capability, which complicates the analysis process. Which two actions should the engineer take? (Choose two.)

（A）Disconnect from the network.

（B）Replace the faulty CPU.

（C）Format the workstation drives.

（D）Restore to a system recovery point.

（E）Take an image of the workstation.

正解：D、E 解答を投票する

質問 5

Refer to the exhibit.

An engineer is analyzing a TCP stream in a Wireshark after a suspicious email with a URL. What should be determined about the SMB traffic from this stream?

（A）It is redirecting to a malicious phishing website,

（B）It is sharing access to files and printers.

（C）It is requesting authentication on the user site.

（D）It is exploiting redirect vulnerability

正解：D 解答を投票する

質問 6

Refer to the exhibit.

According to the SNORT alert, what is the attacker performing?

（A）XSS attack against the target webserver

（B）brute-force attack against directories and files on the target webserver

（C）brute-force attack against the web application user accounts

（D）SQL injection attack against the target webserver

正解：B 解答を投票する

300-215 無料問題集「Cisco Conducting Forensic Analysis & Incident Response Using Cisco Technologies for CyberOps」

弊社を連絡する

関連リンク

トップ試験