Cisco 300-215 Quiz 2 Topic 8 Questions 6-10

Question: 1

Refer to the exhibit.

q1_300-215

What is the IOC threat and URL in this STIX JSON snippet?

Amalware; 'http://x4z9arb.cn/4712/'

Bmalware; x4z9arb backdoor

Cx4z9arb backdoor; http://x4z9arb.cn/4712/

Dmalware; malware--162d917e-766f-4611-b5d6-652791454fca

Estix; 'http://x4z9arb.cn/4712/'

Show Answer

Question: 2

Which scripts will search a log file for the IP address of 192.168.100.100 and create an output file named parsed_host.log while printing results to the console?

q2_300-215

AOption A

BOption B

COption C

DOption D

Show Answer

Question: 3

Refer to the exhibit.

q3_300-215

According to the Wireshark output, what are two indicators of compromise for detecting an Emotet malware download? (Choose two.)

ADomain name:iraniansk.com

BServer: nginx

CHash value: 5f31ab113af08=1597090577

Dfilename= ''Fy.exe''

EContent-Type: application/octet-stream

Show Answer

Question: 4

Refer to the exhibit.

q4_300-215

A network engineer is analyzing a Wireshark file to determine the HTTP request that caused the initial Ursnif banking Trojan binary to download. Which filter did the engineer apply to sort the Wireshark traffic logs?

Ahttp.request.un matches

Btls.handshake.type ==1

Ctcp.port eq 25

Dtcp.window_size ==0

Show Answer

Question: 5

Refer to the exhibit.

q5_300-215

What should be determined from this Apache log?

AA module named mod_ssl is needed to make SSL connections.

BThe private key does not match with the SSL certificate.

CThe certificate file has been maliciously modified

DThe SSL traffic setup is improper

Show Answer

Cisco 300-215 Quiz:2 Topic:8 Questions:6-10