Over the last year, an organization's HR department has accessed data from its legal department on the last day of each month to create a monthly activity report. An engineer is analyzing suspicious activity alerted by a threat intelligence platform that an authorized user in the HR department has accessed legal data daily for the last week. The engineer pulled the network data from the legal department's shared folders and discovered above average-size data dumps. Which threat actor is implied from these artifacts?

• A.privilege escalation
• B.internal user errors
• C.malicious insider
• D.external exfiltration

Comment: *

Name: *

Email: *

Verification: *

A threat actor has successfully attacked an organization and gained access to confidential files on a laptop.
What plan should the organization initiate to contain the attack and prevent it from spreading to other network devices?

• A.root cause
• B.intrusion prevention
• C.incident response
• D.attack surface

Comment: *

Name: *

Email: *

Verification: *

Which magic byte indicates that an analyzed file is a pdf file?

• A.706466666
• B.cGRmZmlsZQ
• C.0a0ah4cg
• D.255044462d

Comment: *

Name: *

Email: *

Verification: *

An engineer must advise on how YARA rules can enhance detection capabilities. What can YARA rules be used to identify?

• A.suspicious web requests
• B.suspicious files that match specific conditions
• C.suspicious emails and possible phishing attempts
• D.network traffic patterns

Comment: *

Name: *

Email: *

Verification: *

• A.Evaluate the artifacts in Cisco Secure Malware Analytics.
• B.Evaluate the file activity in Cisco Umbrella.
• C.Analyze the registry activity section in Cisco Umbrella.
• D.Analyze the activity paths in Cisco Secure Malware Analytics.

Comment: *

Name: *

Email: *

Verification: *