Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Cisco Exam 300-215 Topic 4 Question 85 Discussion

Actual exam question for Cisco's 300-215 exam
Question #: 85
Topic #: 4
[All 300-215 Questions]

A security team detected an above-average amount of inbound tcp/135 connection attempts from unidentified senders. The security team is responding based on their incident response playbook. Which two elements are part of the eradication phase for this incident? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: A

by Wayne at Sep 15, 2024, 01:10 AM

Limited Time Offer

25%

Off

Get Premium 300-215 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Nidia
1 months ago
I bet the security team is wishing they had a solid firewall in place to block those TCP/135 connection attempts. Guess they'll have to settle for an IPS instead. *chuckles*
upvoted 0 times
An
2 days ago
B: Yeah, an IPS will have to do the job for now.
upvoted 0 times
...
Elliot
6 days ago
A: They definitely need a strong firewall to block those connection attempts.
upvoted 0 times
...
...
Martina
1 months ago
B and D, no doubt! Gotta isolate that infected data and use the IPS to block those pesky TCP/135 connection attempts. Easy peasy, lemon squeezy!
upvoted 0 times
...
Richelle
1 months ago
Hmm, this is a tricky one. I'm leaning towards B and D, but I'm also wondering if C might be relevant for the eradication phase. I'll have to think this through a bit more.
upvoted 0 times
...
Elza
2 months ago
I'm not sure about this one. I was thinking A and E might be the right answers, but I'm not confident. Guess I need to review my incident response playbook again.
upvoted 0 times
Matt
2 days ago
E) enterprise block listing solution
upvoted 0 times
...
Hyman
3 days ago
B) data and workload isolation
upvoted 0 times
...
Rosina
13 days ago
Those are the correct choices for the eradication phase. Good job!
upvoted 0 times
...
Cordie
14 days ago
D) intrusion prevention system
upvoted 0 times
...
Genevive
20 days ago
A) anti-malware software
upvoted 0 times
...
...
Leontine
2 months ago
I think the answer is B and D. Isolating the affected data and systems, and using an IPS to detect and prevent further intrusions sound like the right steps for the eradication phase.
upvoted 0 times
Tawny
14 days ago
It's important to follow the incident response playbook to ensure a thorough eradication process.
upvoted 0 times
...
Doyle
19 days ago
Using an IPS to detect and prevent further intrusions is also important to stop the attack.
upvoted 0 times
...
Kenneth
1 months ago
I agree, isolating the affected data and systems is crucial in the eradication phase.
upvoted 0 times
...
...
Dwight
2 months ago
I believe data and workload isolation is also crucial in the eradication phase to contain the threat.
upvoted 0 times
...
Barb
3 months ago
I agree with Rozella. We should also consider using intrusion prevention system for eradication.
upvoted 0 times
...
Rozella
3 months ago
I think we should use anti-malware software to eradicate the threat.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77