nerdexam
Exams300-215Questions#88
CiscoCisco

300-215 · Question #88

300-215 Question #88: Real Exam Question with Answer & Explanation

The correct answer is D: Brute-force attack; implement account lockout policies and roll out MFA.. Explanation A brute-force attack causes repeated authentication attempts against servers, which directly explains the CPU usage spike - each failed login attempt consumes processing resources, and thousands of automated attempts can overwhelm server capacity, making option D corr

Submitted by manish99· Mar 6, 2026Incident Response Techniques

Question

Refer to the exhibit. A web hosting company analyst is analyzing the latest traffic because there was a 20% spike in servers CPU usage recently. After correlating the logs, the problem seems to be related to the bad actor activities. Which attack vector is used and what mitigation can the analyst suggest?

Options

  • ASQL Injection; implement input validation and use parameterized queries.
  • BDistributed denial of service; use rate limiting and DDoS protection services.
  • CPhishing attack; conduct regular user training and use email filtering solutions.
  • DBrute-force attack; implement account lockout policies and roll out MFA.

Explanation

Explanation

A brute-force attack causes repeated authentication attempts against servers, which directly explains the CPU usage spike - each failed login attempt consumes processing resources, and thousands of automated attempts can overwhelm server capacity, making option D correct. The mitigations align perfectly: account lockout policies stop attackers after a set number of failed attempts, while MFA (Multi-Factor Authentication) makes stolen or guessed credentials useless alone.

Why the distractors are wrong:

  • A (SQL Injection) targets database query manipulation and would more likely cause data breaches or database errors, not a widespread CPU spike across multiple servers.
  • B (DDoS) causes network saturation and service unavailability through volumetric traffic flooding - while it can spike CPU, the clue about "bad actor activities" combined with authentication-related logs points more specifically to brute-force.
  • C (Phishing) is a social engineering attack targeting users via deceptive emails - it wouldn't directly cause server CPU spikes.

🧠 Memory Tip: Think "Brute = Bruise the CPU" - brute-force attacks hammer servers with repeated login attempts, bruising CPU performance. When you see unexplained CPU spikes linked to bad actors, always consider authentication abuse first, and remember the fix: Lock it + MFA it.

Topics

#Brute-force Attack#Incident Analysis#Security Mitigation

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-215 PracticeBrowse All 300-215 Questions