nerdexam
Cisco

350-201 · Question #77

An employee abused PowerShell commands and script interpreters, which lead to an indicator of compromise (IOC) trigger. The IOC event shows that a known malicious file has been executed, and there is

Sign in or unlock 350-201 to reveal the answer and full explanation for question #77. The question stem and answer options stay visible for context.

Host-Based Analysis

Question

An employee abused PowerShell commands and script interpreters, which lead to an indicator of compromise (IOC) trigger. The IOC event shows that a known malicious file has been executed, and there is an increased likelihood of a breach. Which indicator generated this IOC event?

Options

  • AExecutedMalware.ioc
  • BCrossrider.ioc
  • CConnectToSuspiciousDomain.ioc
  • DW32 AccesschkUtility.ioc

Unlock 350-201 to see the answer

You've previewed enough free 350-201 questions. Unlock 350-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Topics

#IOC#PowerShell abuse#malware execution#endpoint detection
Full 350-201 Practice