Cisco
350-201(NEW-127Q) · Question #39
350-201(NEW-127Q) Question #39: Real Exam Question with Answer & Explanation
Sign in or unlock 350-201(NEW-127Q) to reveal the answer and full explanation for question #39. The question stem and answer options stay visible for context.
Security Operations and Incident Handling
Question
A security analyst receives an alert concerning an iOS device belonging to the CFO. The device pings a high-risk country daily because this executive visited that country. Which step must the analyst take next to eliminate a possibility of threat actor having access to the device?
Options
- ARemotely dump the memory of the device, and analyze it for persistency.
- BWipe the device remotely to prevent further compromise of company data.
- CTell the CFO to put the device in a Faraday bag and ship it to the headquarters.
- DInvestigate the device network logs, and analyze the data being sent.
Unlock 350-201(NEW-127Q) to see the answer
You've previewed enough free 350-201(NEW-127Q) questions. Unlock 350-201(NEW-127Q) for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Incident Response#Device Forensics#Evidence Preservation#Mobile Security