Question 23 of 76 from exam 350-201-CBRCOR: Performing CyberOps Using Cisco Security Technologies

Question

Analysis Report (exhibit; the file name and hash values are not legible in the extracted text)

Filename: an .eml file
OS: 7 64-bit
File type: SMTP mail, ASCII text
Started: 10/13/20 06:22:43
Ended: 10/13/20 06:29:19
Duration: 0:06:36
Sandbox: fen-work-042 (pilot-d)

Behavioral Indicators

Email References Localhost in Received Message Trace (Severity: 40)
Document Contains Embedded Material and Minimal Content (Severity: 60)
Download Forced Open/Save Prompt (Severity: 60)
Email With Different Sender and Return-Path Detected (Severity: 60)
Process Uses Very Large Command-Line (Severity: 40)
File Downloaded to Disk (Severity: 30)
Potential Code Injection Detected (Severity: 50)
HTTP Client Error Response (Severity: 50)
Sample Communicates With Only Benign Domains (Severity: 20)
Executable with Encrypted Sections (Severity: 30)
Outbound Communications to Nginx Web Server (Severity: 25)
Outbound HTTP POST Communications (Severity: 25)
Document Queried Domain (Severity: 25)
Executable Imported the IsDebuggerPresent Symbol (Severity: 20)

Refer to the exhibit.

Cisco Advanced Malware Protection installed on an end-user desktop automatically submitted a low prevalence file to the Threat Grid analysis engine.

What should be concluded from this report?

Answers

Explanations

A. B. C. D.

B.