Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Isc Discussions

Exam CISSP topic 1 question 428 discussion

Actual exam question from ISC's CISSP
Question #: 428
Topic #: 1
[All CISSP Questions]

A security operations center (SOC) discovers a recently deployed router beaconing to a malicious website. Replacing the router fixes the issue. What is the MOST likely cause of the router’s behavior?

  • A. The network administrator failed to reconfigure the router’s access control list (ACL).
  • B. The router was damaged during shipping or installed incorrectly.
  • C. The router was counterfeit and acquired through unauthorized channels.
  • D. The network administrator failed to update the router’s firmware.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by JohnyDal at Feb. 18, 2023, 5:06 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
JohnyDal
Highly Voted 1 year, 2 months ago
Selected Answer: C
The router was beaconing to a malicious site. This is a sign of root kit like malware messing up the newly installed router. This is a tell-tale sign of a counterfeit product.
upvoted 10 times
jackdryan
11 months, 1 week ago
C is correct
upvoted 1 times
...
...
YesPlease
Most Recent 3 months, 4 weeks ago
Selected Answer: D
First time I am guessing and don't have more concrete proof of answer since this is so vague of a scenario. Answer D) The network administrator failed to update the router’s firmware. It is highly unlikely that a SOC will buy equipment from unauthorized channels, but they still may get some counterfeit equipment from a trusted seller as they may not know they were counterfeit to begin with. Ultimately, the admin didn't update the firmware first. (ACL doesn't matter at this level because it can get bypassed by firmware level). If they tried to update it, then they would most likely have noticed a problem. https://www.technewsworld.com/story/beware-of-counterfeit-network-equipment-86770.html#:~:text=The%20counterfeits https://www.cisa.gov/sites/default/files/2023-04/apt28-exploits-known-vulnerability-to-carry-out-reconnaissance-and-deploy-malware-on-cisco-routers-uk.pdf
upvoted 1 times
...
sausageman
1 year, 1 month ago
Selected Answer: C
Definitely C
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel