CiscoCisco
300-215 · Question #123
300-215 Question #123: Real Exam Question with Answer & Explanation
The correct answer is C: Regular beaconing intervals. C2 traffic often beacons at consistent time intervals, even over common ports like 443, to blend
Submitted by kevin_r· Mar 6, 2026Forensics Techniques
Question
Which indicator BEST distinguishes malware command-and-control (C2) traffic from normal outbound traffic?
Options
- ALarge packet size
- BHigh bandwidth utilization
- CRegular beaconing intervals
- DUse of TCP port 443
Explanation
C2 traffic often beacons at consistent time intervals, even over common ports like 443, to blend
Topics
#Network forensics#C2 traffic#Beaconing#Traffic analysis
Community Discussion
No community discussion yet for this question.