Cisco
300-215 · Question #50
300-215 Question #50: Real Exam Question with Answer & Explanation
Sign in or unlock 300-215 to reveal the answer and full explanation for question #50. The question stem and answer options stay visible for context.
Submitted by marco_it· Mar 6, 2026Incident Response Processes
Question
A cybersecurity analyst is analyzing a complex set of threat intelligence data from internal and external sources. Among the data, they discover a series of indicators, including patterns of unusual network traffic, a sudden increase in failed login attempts, and multiple instances of suspicious file access on the company's internal servers. Additionally, an external threat feed highlights that threat actors are actively targeting organizations in the same industry using ransomware. Which action should the analyst recommend?
Options
- AAdvise on monitoring the situation passively because network traffic anomalies are coincidental
- BPropose isolation of affected systems and activating the incident response plan because the
- CAdvocate providing additional training on secure login practices because the increase in failed
- DNotify of no requirement for immediate action because the suspicious file access incidents are
Unlock 300-215 to see the answer
You've previewed enough free 300-215 questions. Unlock 300-215 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#threat intelligence#ransomware#incident response planning#threat correlation#system isolation