What is the potential threat identified in this Stealthwatch dashboard?

200-201 0 Comments

Refer to the exhibit.

What is the potential threat identified in this Stealthwatch dashboard?
A . A policy violation is active for host 10.10.101.24.
B . A host on the network is sending a DDoS attack to another inside host.
C . There are three active data exfiltration alerts.
D . A policy violation is active for host 10.201.3.149.

Answer: C

Explanation:

"EX" = exfiltration

And there are three.

Also the "suspect long flow" and "suspect data heading" suggest, for example, DNS exfiltration

https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/management_console/smc_users_guide/SW_6_9_0_SMC_Users_Guide_DV_1_2.pdf page 177.

Latest 200-201 Dumps Valid Version with 154 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 200-201 PDF     200-201 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments