Exam 350-201 topic 1 question 122 discussion

Actual exam question from Cisco's 350-201
Question #: 122
Topic #: 1

A SOC team is investigating a recent, targeted social engineering attack on multiple employees. Cross-correlated log analysis revealed that two hours before the attack, multiple assets received requests on TCP port 79. Which action should be taken by the SOC team to mitigate this attack?

  • A. Disable BIND forwarding from the DNS server to avoid reconnaissance.
  • B. Disable affected assets and isolate them for further investigation.
  • C. Configure affected devices to disable NETRJS protocol.
  • D. Configure affected devices to disable the Finger service.
Suggested Answer: D

Comments

27ea763
4 months, 4 weeks ago
Selected Answer: D
D as port TCP 79 refers to Finger
upvoted 1 times
DrVoIP
10 months ago
The correct answer is D. Configure affected devices to disable the Finger service. TCP port 79 is associated with the Finger protocol, which is a service that is commonly used by attackers to gather information about users and assets. The best way to mitigate this attack is to disable the Finger service on affected devices to prevent further reconnaissance by attackers. It is also recommended to investigate the source of the requests on TCP port 79 to identify any potential indicators of compromise and further harden the organization's security posture. - ChatGPT
upvoted 1 times
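The investigation step mentioned in the comment above (finding where the TCP port 79 requests came from and which assets accepted them), as an added example that is not part of the original discussion. The key=value log format, the IP addresses and the incident time are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

FINGER_PORT = 79  # Finger service port (RFC 1288)

# Constructed sample lines in an assumed key=value firewall log format.
SAMPLE_LOG = """\
2024-03-05T08:02:11Z action=allow proto=tcp src=198.51.100.23 dst=10.0.4.11 dport=79
2024-03-05T08:02:12Z action=allow proto=tcp src=198.51.100.23 dst=10.0.4.12 dport=79
2024-03-05T08:02:14Z action=deny proto=tcp src=198.51.100.23 dst=10.0.4.13 dport=79
2024-03-05T08:10:40Z action=allow proto=tcp src=203.0.113.7 dst=10.0.4.11 dport=443
2024-03-05T08:15:02Z action=allow proto=udp src=203.0.113.9 dst=10.0.4.12 dport=79
2024-03-04T22:01:00Z action=allow proto=tcp src=192.0.2.50 dst=10.0.4.11 dport=79
this line is malformed and must be skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) action=(?P<action>\w+) proto=(?P<proto>\w+) "
    r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)$"
)

def finger_requests(log_text, incident_time, lookback=timedelta(hours=2)):
    """Map each source IP to the assets it contacted on TCP/79 in the lookback
    window before incident_time, with the last firewall action seen per asset."""
    hits = defaultdict(dict)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        if m["proto"] != "tcp" or int(m["dport"]) != FINGER_PORT:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        if incident_time - lookback <= ts < incident_time:
            hits[m["src"]][m["dst"]] = m["action"]
    return {src: dict(sorted(dsts.items())) for src, dsts in hits.items()}

def assets_to_harden(hits):
    """Assets that let a TCP/79 request through: check and disable Finger there."""
    return sorted({dst for dsts in hits.values()
                   for dst, action in dsts.items() if action == "allow"})

if __name__ == "__main__":
    incident = datetime(2024, 3, 5, 10, 0, 0)  # constructed incident time (UTC)
    found = finger_requests(SAMPLE_LOG, incident)
    print("TCP/79 sources in window:", found)
    print("check Finger service on:", assets_to_harden(found))
```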