300-215 · Question #134
300-215 Question #134: Real Exam Question with Answer & Explanation
Sign in or unlock 300-215 to reveal the answer and full explanation for question #134. The question stem and answer options stay visible for context.
Question
A threat hunter must analyze the threat intelligence report on APT29 and identify whether the threat actor is on the Windows machines of the customer network. According to the report, the user executes a malicious file on the victim machine that establishes a C2 connection over port 53. Afterward, the attacker uses a CLI to stage and exfiltrate business data. Which two types of logs enable the threat hunter to accomplish the task? (Choose two.)
Options
- Afile integrity monitoring logs
- BPowerShell logs
- CNetFlow logs
- DDNS logs
- Eweb application firewall logs
Unlock 300-215 to see the answer
You've previewed enough free 300-215 questions. Unlock 300-215 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.