View Mode
Q: 2
A security team is notified from a Cisco ESA solution that an employee received an advertising email with an attached .pdf extension file. The employee opened the attachment, which appeared to be an empty document. The security analyst cannot identify clear signs of compromise but reviews running processes and determines that PowerShell.exe was spawned by CMD.exe with a grandparent AcroRd32.exe process. Which two actions should be taken to resolve this issue? (Choose two.)
Options
Question 2 of 25

Premium Access Includes

  • Quiz Simulator
  • Exam Mode
  • Progress Tracking
  • Question Saving
  • Flash Cards
  • Drag & Drops
  • 3 Months Access
  • PDF Downloads
Get Premium Access
Scroll to Top

FLASH OFFER

Days
Hours
Minutes
Seconds

avail 10% DISCOUNT on YOUR PURCHASE

  • USE THE CODE GIVEN BELOW ON YOUR CHECKOUT
DISCOUNT10