CiscoCisco
300-215 · Question #66
300-215 Question #66: Real Exam Question with Answer & Explanation
The correct answer is C: process injection. The “Persistence” behavior notes writing data into another process’s memory space - classic process injection - making it a clear indicator of compromise.
Submitted by neha2k· Mar 6, 2026Incident Response Techniques
Question
Refer to the exhibit. The application x-dosexec with hash 691c65e4fb1d19f82465df1d34ad51aaeceba14a78167262dc7b2840a6a6aa87 is reported as malicious and labeled as "Trojan.Generic" by the threat intelligence tool. What is considered an indicator of compromise?
Options
- Amodified registry
- Bhooking
- Cprocess injection
- Ddata compression
Explanation
The “Persistence” behavior notes writing data into another process’s memory space - classic process injection - making it a clear indicator of compromise.
Topics
#indicator of compromise#malware analysis#process injection#Trojan
Community Discussion
No community discussion yet for this question.