Online Access Free Cisco.300-215.v2021-08-17.q29 Practice Test (Page 5)

300-215 Exam Question 16

A network host is infected with malware by an attacker who uses the host to make calls for files and shuttle traffic to bots. This attack went undetected and resulted in a significant loss. The organization wants to ensure this does not happen in the future and needs a security solution that will generate alerts when command and control communication from an infected device is detected. Which network security solution should be recommended?

A.Cisco Secure Email Gateway (ESA)

B.Cisco Secure Firewall ASA

C.Cisco Secure Web Appliance (WSA)

D.Cisco Secure Firewall Threat Defense (Firepower)

300-215 Exam Question 17

Refer to the exhibit.

Which determination should be made by a security analyst?

A.An email was sent with an attachment named "Final Report.doc".

B.An email was sent with an attachment named "Grades.doc".

C.An email was sent with an attachment named "Grades.doc.exe".

D.An email was sent with an attachment named "Final Report.doc.exe".

300-215 Exam Question 18

Refer to the exhibit.

What should an engineer determine from this Wireshark capture of suspicious network traffic?

A.There are signs of a malformed packet attack, and the engineer should limit the packet size and set a threshold of bytes as a countermeasure.

B.There are signs of ARP spoofing, and the engineer should use Static ARP entries and IP address-to-MAC address mappings as a countermeasure.

C.There are signs of a DNS attack, and the engineer should hide the BIND version and restrict zone transfers as a countermeasure.

D.There are signs of SYN flood attack, and the engineer should increase the backlog and recycle the oldest half-open TCP connections.

300-215 Exam Question 19

Refer to the exhibit. According to the Wireshark output, what are two indicators of compromise for detecting an Emotet malware download? (Choose two.)

A.Server: nginx

B.Domain name:iraniansk.com

C.Hash value: 5f31ab113af08=1597090577

D.filename= "Fy.exe"

E.Content-Type: application/octet-stream

300-215 Exam Question 20

An organization recovered from a recent ransomware outbreak that resulted in significant business damage. Leadership requested a report that identifies the problems that triggered the incident and the security team's approach to address these problems to prevent a reoccurrence. Which components of the incident should an engineer analyze first for this report?

A.impact and flow

B.cause and effect

C.risk and RPN

D.motive and factors

Other Version: 100Cisco.Prepawaypdf.300-215.v2022-03-09.by.hayden.29q.pdf; 748Cisco.300-215.v2022-02-24.q29; 82Cisco.Prep4king.300-215.v2021-08-15.by.geoffrey.27q.pdf

Latest Upload: 149CBIC.CIC.v2025-09-13.q75; 151Cisco.700-841.v2025-09-13.q131; 145SAP.C_ABAPD_2507.v2025-09-12.q56; 128SAP.C_TS452_2022.v2025-09-12.q83; 211ACSM.020-222.v2025-09-11.q48; 166VMware.5V0-31.23.v2025-09-10.q73; 138Oracle.1z0-915-1.v2025-09-10.q24; 173Citrix.1Y0-231.v2025-09-10.q87; 148SAP.C-THR85-2505.v2025-09-09.q29; 188Adobe.AD0-E727.v2025-09-09.q76

300-215 Exam Question 16

300-215 Exam Question 17

300-215 Exam Question 18

300-215 Exam Question 19

300-215 Exam Question 20

Download PDF File