Question 24 of 32 from exam 300-215-CBRFIR: Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps

Question

<stix:Indicator id="CISA:Indicator-18559cbf-57ce-49ba-bb73-2bdf5426744c" timestamp="2020-04-08T00:44:39.970278+00:00" xsi:type="indicator:IndicatorType">
  <indicator:Title>Malicious FQDN Indicator</indicator:Title>
  <indicator:Observable id="CISA:Observable-dd7a25ea-830f-46cd-9d2a-d7b5aa354f89">
    <cybox:Object id="CISA:Object-a2169ad2-5273-41cb-9491-48c69b22da74">
      <cybox:Properties xsi:type="DomainNameObj:DomainNameObjectType" type="FQDN">
        <DomainNameObj:Value condition="Equals">Fightcovid19.shop</DomainNameObj:Value>
      </cybox:Properties>
    </cybox:Object>
  </indicator:Observable>
</stix:Indicator>

<stix:Indicator id="CISA:Indicator-2035a032-6b8d-4dd9-8752-7316af76e702" timestamp="2020-04-08T00:44:39.970417+00:00" xsi:type="indicator:IndicatorType">
  <indicator:Title>Malicious FQDN Indicator</indicator:Title>
  <indicator:Observable id="CISA:Observable-463472d3-e45e-46c1-bf05-da7458cb943c">
    <cybox:Object id="CISA:Object-7728bd69-e724-4917-9550-9ae853becf28">
      <cybox:Properties xsi:type="DomainNameObj:DomainNameObjectType" type="FQDN">
        <DomainNameObj:Value condition="Equals">nocovid19.shop</DomainNameObj:Value>
      </cybox:Properties>
    </cybox:Object>
  </indicator:Observable>
</stix:Indicator>

<stix:Indicator id="CISA:Indicator-8b56999b-a015-4399-ab80-ccaQbcaf7ebf" timestamp="2020-04-08T00:44:39.970554+00:00" xsi:type="indicator:IndicatorType">
  <indicator:Title>Malicious FQDN Indicator</indicator:Title>
  <indicator:Observable id="CISA:Observable-0648e1db-aa4e-4aca-914e-ea0ccd445254">
    <cybox:Object id="CISA:Object-db21b6ca-0c1b-474d-8bf7-950ead2d9760">
      <cybox:Properties xsi:type="DomainNameObj:DomainNameObjectType" type="FQDN">
        <DomainNameObj:Value condition="Equals">stopcovid19.shop</DomainNameObj:Value>
      </cybox:Properties>
    </cybox:Object>
  </indicator:Observable>
</stix:Indicator>

Refer to the exhibit.

Which two actions should be taken based on the intelligence information? (Choose two.)

Answers

Explanations

A. B. C. D. E.

BD.