Cisco 300-220 Certification Practice Questions & Answers

Question 6 of 60

How does multiproduct integration enhance data visibility and analysis in a corporate environment?

A.

Different teams use different tools so that they can crosscheck their results.

B.

A central data visualizer is integrated into the APIs of the products to correlate input.

C.

Backup tools are in place for use when the main tools are unavailable.

D.

Different GUIs are used to get different views of the same events.

Question 7 of 60

Refer to the exhibit.
Exam 300-220: Image 1

An increase in company traffic is observed by the SOC team. After they investigate the spike, it is concluded that the increase is due to ongoing scanning activity. Further analysis reveals that an adversary used Nmap for OS fingerprinting.
Which type of indicators used by the adversary sits highest on the Pyramid of Pain?

A.

UDPs

B.

network/host artifacts

C.

IP addresses

D.

port probes

Question 8 of 60

What is a limitation of automated dynamic malware analysis tools?

A.

They produce false positives and false negatives.

B.

They are time consuming when performed manually.

C.

Vulnerabilities in runtime environments cannot be found.

D.

All programming languages are not supported.

Question 9 of 60

What triggers unstructured threat hunting?

A.

indicators of attack

B.

indicators of compromise

C.

tactics, techniques, and procedures

D.

customized threat identification

Question 10 of 60

What is the classification of the pass-the-hash technique according to the MITRE ATT&CK framework?

A.

credential access

B.

lateral movement

C.

privilege escalation

D.

persistence