Quiz 600-199

Quiz 600-199, Securing Cisco Networks with Threat Detection and Analysis

which procedure should be documented ahead of time to speed the communication of a network attack?

Which data is the most useful to determine if a network attack was occurring from inbound Internet traffic?

Which step should be taken first when a server on a network is compromised?

which two options should be collected to help remediate the problem?

Which source should be used to recommend preventative measures against security vulnerabilities regardless of operating system or platform?

Which data from previous network attacks should be used to recommend architectural changes based on potential future impact?

Which three post-mortem steps are critical to help prevent a network attack from reoccurring?

Which two personal administrators should be involved to investigate further?