300-215 · Question #23
300-215 Question #23: Real Exam Question with Answer & Explanation
The correct answer is D: An email was sent with an attachment named "Final Report.doc.exe".
Question
Refer to the exhibit. Which determination should be made by a security analyst?
Options
- A. An email was sent with an attachment named "Grades.doc.exe".
- B. An email was sent with an attachment named "Grades.doc".
- C. An email was sent with an attachment named "Final Report.doc".
- D. An email was sent with an attachment named "Final Report.doc.exe".
Explanation
The XML structure shows that:
- The file name starts with: "Final Report"
- The file extension equals: "doc.exe"

Together, this forms "Final Report.doc.exe" -- a known double-extension technique used to disguise executables as benign documents. This is a red flag in email forensics, commonly linked to malware distribution, and explicitly covered in the Cisco CyberOps study material as a typical evasion method for malicious attachments.