ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-215 All Questions

View all questions & answers for the 300-215 exam
Go to Exam

Exam 300-215 topic 1 question 1 discussion

Actual exam question from Cisco's 300-215
Question #: 1
Topic #: 1
[All 300-215 Questions]

A security team is discussing lessons learned and suggesting process changes after a security breach incident. During the incident, members of the security team failed to report the abnormal system activity due to a high project workload. Additionally, when the incident was identified, the response took six hours due to management being unavailable to provide the approvals needed. Which two steps will prevent these issues from occurring in the future? (Choose two.)

  • A. Introduce a priority rating for incident response workloads.
  • B. Provide phishing awareness training for the fill security team.
  • C. Conduct a risk audit of the incident response workflow.
  • D. Create an executive team delegation plan.
  • E. Automate security alert timeframes with escalation triggers.
Show Suggested Answer Hide Answer
Suggested Answer: AE 🗳️
by [deleted] at June 14, 2024, 6:22 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
[Removed]
8 months, 2 weeks ago
Selected Answer: AE
A-E is right answer.
upvoted 1 times
...
greeklover84
10 months, 2 weeks ago
Selected Answer: AD
I would suggest A,D A is for priority management of workload. D is for escalation to management delegation.
upvoted 1 times
greeklover84
9 months, 2 weeks ago
fully agree!!
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago