
Cisco CyberOps Professional 300-215 Question # 28 Topic 3 Discussion


Refer to the exhibit.

[Exhibit image: 300-215 Question 28]

A security analyst is reviewing alerts from the SIEM system that was just implemented and notices a possible indication of an attack because the SSHD system just went live and there should be nobody using it. Which action should the analyst take to respond to the alert?


A. Investigate the alert by checking SSH logs and correlating with other relevant data in SIEM.

B. Reset the admin password in SSHD to prevent unauthorized access to the system at scale.

C. Ignore the alert and continue monitoring for further activity because the system was just implemented.

D. Immediately block the IP address 192.168.1.100 from accessing the SSHD environment.

