300-215 Question #20: Real Exam Question with Answer & Explanation

Sign in or unlock 300-215 to reveal the answer and full explanation for question #20. The question stem and answer options stay visible for context.

Submitted by cyberguy42· Mar 6, 2026Incident Response Techniques

Question

A scanner detected a malware-infected file on an endpoint that is attempting to beacon to an external site. An analyst has reviewed the IPS and SIEM logs but is unable to identify the file's behavior. Which logs should be reviewed next to evaluate this file further?

Options

Aemail security appliance
BDNS server
CAntivirus solution
Dnetwork device

Unlock 300-215 to see the answer

You've previewed enough free 300-215 questions. Unlock 300-215 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock 300-215 - $49.99 / 30 days Sign in

Topics

#malware investigation#log analysis#endpoint security#beaconing

Full 300-215 Practice Browse All 300-215 Questions