300-215 · Question #43
300-215 Question #43: Real Exam Question with Answer & Explanation
Sign in or unlock 300-215 to reveal the answer and full explanation for question #43. The question stem and answer options stay visible for context.
Question
An organization experienced a sophisticated phishing attack that resulted in the compromise of confidential information from thousands of user accounts. The threat actor used a land and expand approach, where initially accessed account was used to spread emails further. The organization's cybersecurity team must conduct an in-depth root cause analysis to uncover the central factor or factors responsible for the success of the phishing attack. The very first victim of the attack was user with email [email protected]. The primary objective is to formulate effective strategies for preventing similar incidents in the future. What should the cybersecurity engineer prioritize in the root cause analysis report to demonstrate the underlying cause of the incident?
Options
- Ainvestigation into the specific vulnerabilities or weaknesses in the organization's email security
- Bevaluation of the organization's incident response procedures and the performance of the incident
- Cexamination of the organization's network traffic logs to identify patterns of unusual behavior
- Dcomprehensive analysis of the initial user for presence of an insider who gained monetary value
Unlock 300-215 to see the answer
You've previewed enough free 300-215 questions. Unlock 300-215 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.