Exam 350-201 topic 1 question 100 discussion

Actual exam question from Cisco's 350-201
Question #: 100
Topic #: 1

Refer to the exhibit. An engineer is investigating a case with suspicious usernames within the Active Directory. After the engineer investigates and cross-correlates events from other sources, it appears that the 2 users are privileged, and their creation date matches suspicious network traffic that was initiated from the internal network 2 days prior. Which type of compromise is occurring?

  • A. compromised insider
  • B. compromised root access
  • C. compromised database tables
  • D. compromised network
Suggested Answer: D

Comments

TrainingTeam
6 months, 2 weeks ago
Selected Answer: D
The creation of privileged user accounts in the Active Directory that coincide with suspicious network traffic suggests a network compromise. This type of activity is often indicative of an attacker gaining sufficient access to create accounts with elevated privileges, which can be used for further malicious activities within the network. The cross-correlation of events from other sources that align with the timing of these account creations strengthens the case for a compromised network. This scenario is consistent with tactics used by attackers to maintain persistence and establish control over network resources for ongoing exploitation.
upvoted 1 times
DrVoIP
2 years, 2 months ago
Compromised insider - ChatGPT
upvoted 1 times

Community vote distribution: A (35%, Most Voted), C (25%), B (20%), Other