Cisco Exam 300-215 Topic 4 Question 85 Discussion

Actual exam question for Cisco's 300-215 exam
Question #: 85
Topic #: 4

A security team detected an above-average amount of inbound tcp/135 connection attempts from unidentified senders. The security team is responding based on their incident response playbook. Which two elements are part of the eradication phase for this incident? (Choose two.)

Suggested Answer: A

Contribute your Thoughts:

Leontine
3 days ago
I think the answer is B and D. Isolating the affected data and systems, and using an IPS to detect and prevent further intrusions sound like the right steps for the eradication phase.
upvoted 0 times
...
Dwight
22 days ago
I believe data and workload isolation is also crucial in the eradication phase to contain the threat.
upvoted 0 times
...
Barb
24 days ago
I agree with Rozella. We should also consider using an intrusion prevention system for eradication.
upvoted 0 times
...
Rozella
28 days ago
I think we should use anti-malware software to eradicate the threat.
upvoted 0 times
...
