Cisco 300-215 Quiz 2 Topic 8 Questions 6-10

Question: 1

Refer to the exhibit.

q1_300-215

What is the IOC threat and URL in this STIX JSON snippet?

Amalware; 'http://x4z9arb.cn/4712/'

Bmalware; x4z9arb backdoor

Cx4z9arb backdoor; http://x4z9arb.cn/4712/

Dmalware; malware--162d917e-766f-4611-b5d6-652791454fca

Estix; 'http://x4z9arb.cn/4712/'

Show Answer

Question: 2

Refer to the exhibit.

q2_300-215

According to the Wireshark output, what are two indicators of compromise for detecting an Emotet malware download? (Choose two.)

ADomain name:iraniansk.com

BServer: nginx

CHash value: 5f31ab113af08=1597090577

Dfilename= ''Fy.exe''

EContent-Type: application/octet-stream

Show Answer

Question: 3

Refer to the exhibit.

q3_300-215

What should be determined from this Apache log?

AA module named mod_ssl is needed to make SSL connections.

BThe private key does not match with the SSL certificate.

CThe certificate file has been maliciously modified

DThe SSL traffic setup is improper

Show Answer

Question: 4

Refer to the exhibit.

q4_300-215

A network engineer is analyzing a Wireshark file to determine the HTTP request that caused the initial Ursnif banking Trojan binary to download. Which filter did the engineer apply to sort the Wireshark traffic logs?

Ahttp.request.un matches

Btls.handshake.type ==1

Ctcp.port eq 25

Dtcp.window_size ==0

Show Answer

Question: 5

An ''unknown error code'' is appearing on an ESXi host during authentication. An engineer checks the authentication logs but is unable to identify the issue. Analysis of the vCenter agent logs shows no connectivity errors. What is the next log file the engineer should check to continue troubleshooting this error?

A/var/log/syslog.log

B/var/log/vmksummary.log

Cvar/log/shell.log

Dvar/log/general/log

Show Answer

Cisco 300-215 Quiz:2 Topic:8 Questions:6-10