Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Cisco Exam 300-215 Topic 9 Question 79 Discussion

Actual exam question for Cisco's 300-215 exam
Question #: 79
Topic #: 9
[All 300-215 Questions]

Refer to the exhibit.

An employee notices unexpected changes and setting modifications on their workstation and creates an incident ticket. A support specialist checks processes and services but does not identify anything suspicious. The ticket was escalated to an analyst who reviewed this event log and also discovered that the workstation had multiple large data dumps on network shares. What should be determined from this information?

Show Suggested Answer Hide Answer
Suggested Answer: B

Contribute your Thoughts:

Lore
5 months ago
I believe it's more likely a reconnaissance attack, as they were trying to gather information.
upvoted 0 times
...
Gladys
5 months ago
But could it also be data obfuscation to cover their tracks?
upvoted 0 times
...
Horace
5 months ago
I agree with Shenika, the large data dumps on network shares point to reconnaissance.
upvoted 0 times
...
Tamar
5 months ago
I'm going to go with D as well. Trying to cover up their tracks by messing with the logs? That's some shady business right there. Gotta stay on top of that kind of thing, you know?
upvoted 0 times
...
Micah
5 months ago
You know, if I was the one who noticed all that stuff, I'd be pretty spooked. Whoever's behind this is really trying to cover their tracks. I'm going with D, log tampering.
upvoted 0 times
Junita
4 months ago
It's definitely a possibility, but I think it could also be a reconnaissance attack.
upvoted 0 times
...
An
5 months ago
I agree, log tampering seems like the most likely scenario here.
upvoted 0 times
...
...
Shenika
5 months ago
I think it might be a reconnaissance attack.
upvoted 0 times
...
Buck
6 months ago
B, reconnaissance attack, for sure. The changes and data dumps point to someone gathering information about the system, don't they? Gotta watch out for those sneaky hackers!
upvoted 0 times
...
Karan
6 months ago
Hmm, I think the answer is D. Log tampering seems like the most likely culprit here, with the unexpected changes and the large data dumps. Definitely want to look into that further.
upvoted 0 times
Carli
5 months ago
It's possible, but I think B could also be a valid option. A reconnaissance attack could involve gathering information through data dumps on network shares.
upvoted 0 times
...
Yolando
5 months ago
I agree with you, D does seem like the most likely answer. Log tampering could explain the unexpected changes and the large data dumps.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77