Cisco
350-201(NEW-127Q) · Question #68
350-201(NEW-127Q) Question #68: Real Exam Question with Answer & Explanation
Sign in or unlock 350-201(NEW-127Q) to reveal the answer and full explanation for question #68. The question stem and answer options stay visible for context.
Threat Detection and Incident Response
Question
Security Engineer has received alert from the DLP system that a certain marketing team user has created 20 image files, exactly the same size except for the last one, with a total size of 608494081 bytes and then attached them each to a different social media post. Which action should the security engineer take next?
Options
- AThe last image should be investigated, as it has a different size and diverges from the pattern.
- BEngineer should contact the user and ask them why they are posting images with such regular sizes.
- CThe regularity of image-size is suspicious; engineer should investigate what other file on employee drive has that size.
- DSocial media often requires to re-use images; this is a regular user behavior; alert should be dismissed as false positive.
Unlock 350-201(NEW-127Q) to see the answer
You've previewed enough free 350-201(NEW-127Q) questions. Unlock 350-201(NEW-127Q) for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#DLP Monitoring#Data Exfiltration Detection#Pattern Analysis#Incident Investigation