Cisco Exam 300-215 Topic 3 Question 70 Discussion

Actual exam question for Cisco's 300-215 exam
Question #: 70
Topic #: 3

A network host is infected with malware by an attacker who uses the host to make calls for files and shuttle traffic to bots. This attack went undetected and resulted in a significant loss. The organization wants to ensure this does not happen in the future and needs a security solution that will generate alerts when command and control communication from an infected device is detected. Which network security solution should be recommended?

Suggested Answer: B

Contribute your Thoughts:

Jessenia
6 months ago
I think C) Cisco Secure Email Gateway (ESA) could also help in detecting malicious communication. It's important to have multiple layers of security in place.
upvoted 0 times
...
Sarah
6 months ago
I'm not sure, but I think A) Cisco Secure Firewall ASA could also be a good option for detecting and preventing command and control communication.
upvoted 0 times
...
Marylou
6 months ago
I agree with Werner. B) Cisco Secure Firewall Threat Defense (Firepower) seems like the most appropriate choice to prevent such attacks in the future.
upvoted 0 times
...
Werner
6 months ago
I think the best option would be B) Cisco Secure Firewall Threat Defense (Firepower). It has the capabilities to detect command and control communication.
upvoted 0 times
...
Justine
7 months ago
I see your point, Laurel. But Threat Defense (Firepower) is specifically designed for advanced threat detection.
upvoted 0 times
...
Laurel
7 months ago
I'm not sure. Could it be A) Cisco Secure Firewall ASA instead? It also provides firewall protection.
upvoted 0 times
...
Lore
7 months ago
I agree with Justine. Threat Defense (Firepower) seems like the best option to stop malware communications.
upvoted 0 times
...
Justine
7 months ago
I think the answer should be B) Cisco Secure Firewall Threat Defense (Firepower). It has advanced capabilities to detect command and control communication.
upvoted 0 times
...
Alise
8 months ago
Haha, yeah, the ESA could be like the security guard that's watching your inbox like a hawk. 'Hey, you! No suspicious emails allowed in here!' *shakes finger*
upvoted 0 times
Bok
8 months ago
Haha, yeah, the ESA could be like the security guard that's watching your inbox like a hawk. 'Hey, you! No suspicious emails allowed in here!' *shakes finger*
upvoted 0 times
...
Earlean
8 months ago
D) Cisco Secure Web Appliance (WSA)
upvoted 0 times
...
Pamella
8 months ago
C) Cisco Secure Email Gateway (ESA)
upvoted 0 times
...
Rosamond
8 months ago
B) Cisco Secure Firewall Threat Defense (Firepower)
upvoted 0 times
...
Slyvia
8 months ago
A) Cisco Secure Firewall ASA
upvoted 0 times
...
...
Lucille
8 months ago
I don't know, you guys. The Cisco Secure Email Gateway (ESA) might be a good option too. If the attacker was using email to communicate with the infected host, the ESA could catch that and alert the security team. It's worth considering, at least.
upvoted 0 times
...
Carla
8 months ago
You know, I was just reading about Firepower the other day. It uses a combination of network traffic analysis, threat intelligence, and machine learning to identify and block command and control communications. Sounds pretty robust to me. I think that's the way to go.
upvoted 0 times
...
Jade
8 months ago
Ugh, this question is so tricky. I mean, the attacker was able to use the host to communicate with bots without getting detected, so we need a solution that can really monitor and alert on that type of activity. I'm leaning towards option B, Cisco Secure Firewall Threat Defense (Firepower), because I heard it has some pretty advanced threat detection and response capabilities.
upvoted 0 times
...
