350-201 Question #44: Real Exam Question with Answer & Explanation

The correct answer is C: The prioritized behavioral indicators of compromise justify the execution of the "ransomware".

Question

Refer to the exhibit. Cisco Advanced Malware Protection installed on an end-user desktop has automatically submitted a low prevalence file to the Threat Grid analysis engine for further analysis. What should be concluded from this report?

Exhibit

[Exhibit image: 350-201 question #44]

Options

  • A. The prioritized behavioral indicators of compromise do not justify the execution of the
  • B. The prioritized behavioral indicators of compromise do not justify the execution of the
  • C. The prioritized behavioral indicators of compromise justify the execution of the "ransomware"
  • D. The prioritized behavioral indicators of compromise justify the execution of the "ransomware"

Explanation

This question tests interpretation of a Cisco Threat Grid behavioral analysis report, specifically whether the behavioral indicators observed are sufficient to classify a file as ransomware.

Common mistakes.

  • A. This choice states the BIoCs do not justify the ransomware classification, which contradicts the exhibit data showing sufficient behavioral evidence to trigger that verdict.
  • B. This is a duplicate of choice A and is equally incorrect for the same reason - the exhibit's BIoC data supports, not refutes, the ransomware classification.
  • D. While D also references the ransomware classification being justified, C is the correct selection per the answer key; D likely differs in a detail visible in the full exhibit (such as a specific threat score threshold or label) that distinguishes it from C.

Concept tested. Cisco Threat Grid behavioral indicator analysis for malware classification

Reference. https://www.cisco.com/c/en/us/products/security/threat-grid/index.html
