Cisco
350-201 · Question #60
A threat actor used a phishing email to deliver a file with an embedded macro. The file was opened, and a remote code execution attack occurred in a company's infrastructure. Which steps should an eng
Sign in or unlock 350-201 to reveal the answer and full explanation for question #60. The question stem and answer options stay visible for context.
Processes
Question
A threat actor used a phishing email to deliver a file with an embedded macro. The file was opened, and a remote code execution attack occurred in a company's infrastructure. Which steps should an engineer take at the recovery stage?
Options
- ADetermine the systems involved and deploy available patches
- BAnalyze event logs and restrict network access
- CReview access lists and require users to increase password complexity
- DIdentify the attack vector and update the IDS signature list
Unlock 350-201 to see the answer
You've previewed enough free 350-201 questions. Unlock 350-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#incident recovery#phishing#remote code execution#patch deployment