A security team is notified from a Cisco ESA solution that an employee received an...

Cisco 300-215 Question Answer

A security team is notified from a Cisco ESA solution that an employee received an advertising email with an attached .pdf extension file. The employee opened the attachment, which appeared to be an empty document. The security analyst cannot identify clear signs of compromise but reviews running processes and determines that PowerShell.exe was spawned by CMD.exe with a grandparent AcroRd32.exe process. Which two actions should be taken to resolve this issue? (Choose two.)

Upload the .pdf file to Cisco Threat Grid and analyze suspicious activity in depth.

No action is required because this behavior is standard for .pdf files.

Check the Windows Event Viewer for security logs about the incident.

Quarantine this workstation for further investigation, as this event is an indication of suspicious activity.

Investigate the reputation of the sender address and temporarily block all communications with this email domain.

Cisco 300-215 View All Questions

Cisco 300-215 Summary

Vendor: Cisco
Product: 300-215
Update on: Mar 25, 2026
Questions: 131

Price: $52.5 ~~$149.99~~

Buy Now 300-215 PDF + Testing Engine Pack

What is an issue with digital forensics in cloud environments, from a security point of...

Which issue is associated with gathering evidence from virtualized environments provided by major cloud vendors?

Spring Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A security team is notified from a Cisco ESA solution that an employee received an...

The Answer Is:

Explanation:

Cisco 300-215 Summary

Payments We Accept

Contact Us