Performing CyberOps Using Cisco Security Technologies (CBRCOR) — Question 92

A threat actor has crafted and sent a spear-phishing email with what appears to be a trustworthy link to the site of a conference that an employee recently attended. The employee clicked the link and was redirected to a malicious site through which the employee downloaded a PDF attachment infected with ransomware. The employee opened the attachment, which exploited vulnerabilities on the desktop. The ransomware is now installed and is calling back to its command and control server. Which security solution is needed at this stage to mitigate the attack?

Answer options

• A. web security solution
• B. email security solution
• C. endpoint security solution
• D. network security solution

Correct answer: D

Explanation

At this stage, a network security solution is essential because it can help identify and block the ransomware's communication with the command and control server, preventing further exploitation. While endpoint security solutions focus on protecting individual devices, the immediate priority is to stop the spread and communication of the ransomware at the network level. Web and email security solutions are less relevant at this point since the attack has already occurred.