Question 27 of 32 from exam 300-215-CBRFIR: Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps

Prev Question Next Question

Question

$sevice June, 2020 at 533 PM ret Card Refund #180913 To: [removed] Received: from ([202.142.155.218}) by [removed] for [removed], Wed, 03 Jub 2020 15:33:03 +0000 (UTC) Received: rom [53.183.109.56] helo-WEEOWED ly) by with esmipa (Exim 4.85) (envelope-from) id 08ASBE158516 for [temovedl; Wed, 3 Jun 2020 20:33:05 +0500 Received: from [54.198.90.184] (account cobblergs8@o4 e notification intuit com HELO RUFINEF. GYPUBOT. mcg) by (Postfix) with ESMTPA id ‘mXDmHihpAEOD7.233 fo removed]; Wed, 3 Jun 2020 20:33,05 +0500 _ Part_6483125_09335162.9435849616646" Content-Type: mutipartimixed; boundary SAa >a Cash Refund Date 6103/2020 Refund # 186913, Payment Method Website Payment Check # 3000679700 Project Department Phone Number Shipping Method UPS 2" Day Air Credit Card # = ‘Transaction Next Approver m Quanity Description Options Rate ‘Amount s Ami Tax Amount Tax Details Reference 379532644 1.2020 4397.11 1397.11 4397.11 978107611 Subtotal 4397.11 ‘Shipping Cost (UPS 2% Day Air®) 0.00 Total $1,397.11 ‘s-e"“CREDIT WILL BE ISSUED TO YOUR CREDIT CARD USED FOR ORIGINAL PURCHASE"™="*"" x \Card_Refund_ 18 6913xism$

Refer to the exhibit.

Which element in this email is an indicator of attack?

Answers

A. IP Address: 202.142.155.218

B. content-Type: multipart/mixed

C. attachment: "Card-Refund"

D. subject: "Service Credit Card"

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Prev Question Next Question