Cisco 300-215 Conducting Forensic Analysis and Incident Response Using Cisco CyberOps Technologies CBRFIR Exam Practice Test

Page: 1 / 14
Total 59 questions

Question 1

Refer to the exhibit.

According to the SNORT alert, what is the attacker performing?



Answer : C

Question 2

Refer to the exhibit.

What do these artifacts indicate?



Answer : A

Question 3

An engineer received a call to assist with an ongoing DDoS attack. The Apache server is being targeted, and availability is compromised. Which step should be taken to identify the origin of the threat?



Answer : D

Question 4

Which magic byte indicates that an analyzed file is a PDF file?



Answer : C

Question 5

Refer to the exhibit.

An HR department submitted a ticket to the IT helpdesk indicating slow performance on an internal share server. The helpdesk engineer checked the server with a real-time monitoring tool and did not notice anything suspicious. After checking the event logs, the engineer noticed an event that occurred 48 hours prior. Which two indicators of compromise should be determined from this information? (Choose two.)



Answer : A, D

Question 6

An "unknown error code" is appearing on an ESXi host during authentication. An engineer checks the authentication logs but is unable to identify the issue. Analysis of the vCenter agent logs shows no connectivity errors. What is the next log file the engineer should check to continue troubleshooting this error?



Answer : A

Question 7

What is the steganography anti-forensics technique?



Answer : A
