Cisco
350-201 · Question #125
350-201 Question #125: Real Exam Question with Answer & Explanation
Sign in or unlock 350-201 to reveal the answer and full explanation for question #125. The question stem and answer options stay visible for context.
Network Intrusion Analysis
Question
A SOC team is investigating a recent, targeted social engineering attack on multiple employees. Cross- correlated log analysis revealed that two hours before the attack, multiple assets received requests on TCP port 79. Which action should be taken by the SOC team to mitigate this attack?
Options
- ADisable BIND forwarding from the DNS server to avoid reconnaissance.
- BDisable affected assets and isolate them for further investigation.
- CConfigure affected devices to disable NETRJS protocol.
- DConfigure affected devices to disable the Finger service.
Unlock 350-201 to see the answer
You've previewed enough free 350-201 questions. Unlock 350-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#port 79#Finger service#reconnaissance#social engineering