300-215 · Question #65

300-215 Question #65: Real Exam Question with Answer & Explanation

Submitted by the_admin · Mar 6, 2026 · Incident Response Techniques

Question

A cybersecurity analyst is examining a complex dataset of threat intelligence information from various sources. Among the data, they notice multiple instances of domain name resolution requests to suspicious domains known for hosting C2 servers. Simultaneously, the intrusion detection system logs indicate a series of network anomalies, including unusual port scans and attempts to exploit known vulnerabilities. The internal logs also reveal a sudden increase in outbound network traffic from a specific internal host to an external IP address located in a high-risk region. Which action should be prioritized by the organization?

Options

  • A. Threat intelligence information should be marked as false positive because unnecessary alerts
  • B. Focus should be applied toward attempts of known vulnerability exploitation because the attacker
  • C. Organization should focus on C2 communication attempts and the sudden increase in outbound
  • D. Data on ports being scanned should be collected and SSL decryption on Firewall enabled to

Topics

#threat intelligence #indicator of compromise #C2 communication #incident prioritization