ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 210-255 All Questions

View all questions & answers for the 210-255 exam
Go to Exam

Exam 210-255 topic 1 question 61 discussion

Actual exam question from Cisco's 210-255
Question #: 61
Topic #: 1
[All 210-255 Questions]

You have run a suspicious file in a sandbox analysis tool to see what the file does. The analysis report shows that outbound callouts were made post infection.
Which two pieces of information from the analysis report are needed or required to investigate the callouts? (Choose two.)

  • A. file size
  • B. domain names
  • C. dropped files
  • D. signatures
  • E. host IP addresses
Show Suggested Answer Hide Answer
Suggested Answer: BE 🗳️
Reference:
https://digital-forensics.sans.org/blog/2012/07/26/four-focus-areas-of-malware-analysis
by [deleted] at April 3, 2025, 12:34 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Currently there are no comments in this discussion, be the first to comment!
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel