Cisco Exam 300-215 Topic 10 Question 71 Discussion

Actual exam question for Cisco's 300-215 exam

Question #: 71
Topic #: 10

Refer to the exhibit.

After a cyber attack, an engineer is analyzing an alert that was missed on the intrusion detection system. The attack exploited a vulnerability in a business critical, web-based application and violated its availability. Which two migration techniques should the engineer recommend? (Choose two.)

Aencapsulation

BNOP sled technique

Caddress space randomization

Dheap-based security

Edata execution prevention

Show Suggested Answer

Suggested Answer: C, E

by Staci at Mar 19, 2024, 11:20 AM

Limited Time Offer

25%

Off

Get Premium 300-215 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Armando

4 days ago

Haha, yeah, the NOP sled technique? That's more like something you'd see in a hacker movie, not a real-world security solution. I'm pretty confident that address space randomization and data execution prevention are the correct answers here.

upvoted 0 times

...

Ashley

5 days ago

Hmm, I agree that address space randomization and data execution prevention are probably the way to go. Those are commonly used to protect against code execution vulnerabilities in web apps. *chuckles* I wonder if the exam writers are trying to trick us with those other options.

upvoted 0 times

...

Jani

6 days ago

You're on the right track, but I'm not sure about encapsulation and the NOP sled technique being the best choices here. Those seem more related to low-level exploit techniques rather than defensive measures.

upvoted 0 times

...

Gabriele

7 days ago

This question seems to be focused on security measures to mitigate a web application vulnerability. I'm not entirely sure about the correct answers, but I think address space randomization and data execution prevention could be good options.

upvoted 0 times

...