Cisco Exam 300-215 Topic 2 Question 93 Discussion

Actual exam question for Cisco's 300-215 exam

Question #: 93
Topic #: 2

A security team received reports of users receiving emails linked to external or unknown URLs that are non- returnable and non-deliverable. The ISP also reported a 500% increase in the amount of ingress and egress email traffic received. After detecting the problem, the security team moves to the recovery phase in their incident response plan. Which two actions should be taken in the recovery phase of this incident? (Choose two.)

Averify the breadth of the attack

Bcollect logs

Crequest packet capture

Dremove vulnerabilities

Escan hosts with updated signatures

Show Suggested Answer

Suggested Answer: A

by Melita at Jan 26, 2025, 04:32 AM

Limited Time Offer

25%

Off

Get Premium 300-215 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Myrtie

8 days ago

Requesting packet capture is a great idea too. That data could give the security team valuable insights into the attack vector and help them plug any holes.

upvoted 0 times

...

Moon

12 days ago

Verifying the breadth of the attack and collecting logs seem like the obvious next steps to me. Can't really recover from an incident without understanding the full scope of the problem.

upvoted 0 times

...