
300-215 Question #144: Real Exam Question with Answer & Explanation

The correct answer is B: Introducing DDoS mitigation procedures, internal data leak investigations, and proactive malware.

Submitted by fatema_kw · Mar 6, 2026 · Incident Response Processes

Question

A financial company handling international transactions recently experienced a complex security incident. The incident involves simultaneous DDoS attacks, suspected internal data leakage, and the discovery of sophisticated malware implants that have remained dormant until triggered remotely. During the incident it became clear that the current procedures are inadequate and plans to tackle issues were created on the go. To counter this problem going forward, the IR team is developing an incident playbook to be used if a similar incident reoccurs. Which set of elements of the playbook must be introduced?

Options

  • A. Engaging third-party cybersecurity experts, expanding threat intelligence sharing, and improving
  • B. Introducing DDoS mitigation procedures, internal data leak investigations, and proactive malware
  • C. Enhancing monitoring protocols, updating firewall rules, and automating traffic analysis tasks
  • D. Establishing real-time collaboration procedures, increasing data encryption, and revising access

Explanation

An incident playbook must define repeatable, scenario-specific procedures for the actual threats observed so responders don’t improvise under pressure. For this case, that means documented steps to mitigate DDoS, investigate and validate internal data leakage, and contain/remediate remotely triggered dormant malware, including clear decision points for escalation and containment actions.

Topics

#Incident playbook #DDoS mitigation #Data leakage #Malware response
