ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-215 All Questions

View all questions & answers for the 300-215 exam
Go to Exam

Exam 300-215 topic 1 question 23 discussion

Actual exam question from Cisco's 300-215
Question #: 23
Topic #: 1
[All 300-215 Questions]

An employee receives an email from a "trusted" person containing a hyperlink that is malvertising. The employee clicks the link and the malware downloads. An information analyst observes an alert at the SIEM and engages the cybersecurity team to conduct an analysis of this incident in accordance with the incident response plan. Which event detail should be included in this root cause analysis?

  • A. phishing email sent to the victim
  • B. alarm raised by the SIEM
  • C. information from the email header
  • D. alert identified by the cybersecurity team
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by testisi at Jan. 3, 2021, 3:29 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
joseph267
5 days, 11 hours ago
I personally think that the root cause should be a phishing attempt
upvoted 1 times
...
Bobster02
1 year, 5 months ago
B -100%, because this is our event detail. SIEM alert can not refereed as an event detail.
upvoted 1 times
...
testisi
1 year, 11 months ago
It should be C
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago