300-215 Question #105: Real Exam Question with Answer & Explanation

The correct answer is B: Cisco Secure Firewall Threat Defense (Firepower).

Submitted by ravi_2018 · Mar 6, 2026 · Incident Response Techniques

Question

A network host is infected with malware by an attacker who uses the host to make calls for files and shuttle traffic to bots. This attack went undetected and resulted in a significant loss. The organization wants to ensure this does not happen in the future and needs a security solution that will generate alerts when command and control communication from an infected device is detected. Which network security solution should be recommended?

Options

  • A. Cisco Secure Firewall ASA
  • B. Cisco Secure Firewall Threat Defense (Firepower)
  • C. Cisco Secure Email Gateway (ESA)
  • D. Cisco Secure Web Appliance (WSA)

Explanation

The Cisco Secure Firewall Threat Defense (Firepower) includes advanced capabilities such as intrusion prevention, URL filtering, and deep packet inspection. According to the CyberOps guide, it can detect and block C2 communications by analyzing traffic patterns and comparing them to threat intelligence data. Advanced solutions such as Firepower provide detection capabilities for command and control (C2) traffic by identifying unusual outbound connections and behavioral

Topics

#network security #C2 detection #malware protection #firewall
