New Release 300-215 CyberOps Professional Questions

Page: 5 / 10
Total 131 questions

Conducting Forensic Analysis and Incident Response Using Cisco CyberOps Technologies (CBRFIR) Questions and Answers

Question 17

Options:

A. Evaluate the artifacts in Cisco Secure Malware Analytics.

B. Evaluate the file activity in Cisco Umbrella.

C. Analyze the registry activity section in Cisco Umbrella.

D. Analyze the activity paths in Cisco Secure Malware Analytics.

Question 18

An attacker modifies a malicious file named TOPSECRET0523619132 by changing its file extension from .png to .doc in an attempt to evade detection. Which technique is being used to disguise the file?

Options:

A. steganography

B. obfuscation

C. spoofing

D. hashing

Question 19

Snort detects traffic that is targeting vulnerabilities in files that belong to software in the Microsoft Office suite. On a SIEM tool, the SOC analyst sees an alert from Cisco FMC. Cisco FMC is implemented with Snort IDs. Which alert message is shown?

Options:

A. FILE-OFFICE Microsoft Graphics buffer overflow

B. FILE-OFFICE Microsoft Graphics cross site scripting (XSS)

C. FILE-OFFICE Microsoft Graphics SQL INJECTION

D. FILE-OFFICE Microsoft Graphics remote code execution attempt

Question 20

Refer to the exhibit.

A network engineer is analyzing a Wireshark file to determine the HTTP request that caused the initial Ursnif banking Trojan binary to download. Which filter did the engineer apply to sort the Wireshark traffic logs?

Options:

A. http.request.uri matches

B. tls.handshake.type == 1

C. tcp.port eq 25

D. tcp.window_size == 0
