CiscoCisco
300-215 · Question #131
300-215 Question #131: Real Exam Question with Answer & Explanation
Sign in or unlock 300-215 to reveal the answer and full explanation for question #131. The question stem and answer options stay visible for context.
Submitted by wei.xz· Mar 6, 2026Forensics Techniques
Question
Refer to the exhibit. An experienced cybersecurity analyst is investigating a sophisticated suspected breach on a Windows server within an enterprise network and compiled the evidence gathered so far. Which action should the analyst prioritize to understand the scope and impact of the breach?
Options
- AReview the security log alterations to understand the methods used to deactivate security systems.
- BPerform a forensic memory analysis to isolate and identify the polymorphic malware's behavior
- CConduct a deep dive analysis of the outbound network traffic to trace the foreign IP addresses.
- DInvestigate the Windows Registry modifications for potential backdoors and establish a timeline of
Unlock 300-215 to see the answer
You've previewed enough free 300-215 questions. Unlock 300-215 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Incident investigation#Memory forensics#Scope and impact#Breach analysis