Which two pieces of information from the analysis report are needed to investigate the callouts?

200-201 V3 0 Comments

An engineer runs a suspicious file in a sandbox analysis tool to see the outcome. The analysis report shows that outbound callouts were made post infection.

Which two pieces of information from the analysis report are needed to investigate the callouts? (Choose two.)
A . signatures
B . host IP addresses
C . file size
D . dropped files
E . domain names

Answer: B, E

Explanation:

To investigate the callouts made post infection, it’s essential to know where the callouts were made to (domain names) and from which host IP addresses they originated. This information can help trace back the source and destination, aiding in understanding the nature of the callouts.

Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Working_with_Indicators_of_Compromise.html

Latest 200-201 Dumps Valid Version with 154 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 200-201 PDF     200-201 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments