Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Cisco® 350-201

Cisco® 350-201 Exam Practice Questions (P. 5)

  • Full Access (139 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #21
An organization had several cyberattacks over the last 6 months and has tasked an engineer with looking for patterns or trends that will help the organization anticipate future attacks and mitigate them. Which data analytic technique should the engineer use to accomplish this task?
  1. A
    diagnostic
  2. B
    qualitative
  3. C
    predictive
  4. D
    statistical

Correct Answer:
C
Reference:
https://insights.principa.co.za/4-types-of-data-analytics-descriptive-diagnostic-predictive-prescriptive

Question #22
A malware outbreak is detected by the SIEM and is confirmed as a true positive. The incident response team follows the playbook to mitigate the threat. What is the first action for the incident response team?
  1. A
    Assess the network for unexpected behavior
  2. B
    Isolate critical hosts from the network
  3. C
    Patch detected vulnerabilities from critical hosts
  4. D
    Perform analysis based on the established risk factors

Correct Answer:
B

Question #23

Refer to the exhibit. Cisco Advanced Malware Protection installed on an end-user desktop automatically submitted a low prevalence file to the Threat Grid analysis engine. What should be concluded from this report?
  1. A
    Threat scores are high, malicious ransomware has been detected, and files have been modified
  2. B
    Threat scores are low, malicious ransomware has been detected, and files have been modified
  3. C
    Threat scores are high, malicious activity is detected, but files have not been modified
  4. D
    Threat scores are low and no malicious file activity is detected

Correct Answer:
B

Question #24
An organization is using a PKI management server and a SOAR platform to manage the certificate lifecycle. The SOAR platform queries a certificate management tool to check all endpoints for SSL certificates that have either expired or are nearing expiration. Engineers are struggling to manage problematic certificates outside of PKI management since deploying certificates and tracking them requires searching server owners manually. Which action will improve workflow automation?
  1. A
    Implement a new workflow within SOAR to create tickets in the incident response system, assign problematic certificate update requests to server owners, and register change requests.
  2. B
    Integrate a PKI solution within SOAR to create certificates within the SOAR engines to track, update, and monitor problematic certificates.
  3. C
    Implement a new workflow for SOAR to fetch a report of assets that are outside of the PKI zone, sort assets by certification management leads and automate alerts that updates are needed.
  4. D
    Integrate a SOAR solution with Active Directory to pull server owner details from the AD and send an automated email for problematic certificates requesting updates.

Correct Answer:
C

Question #25
DRAG DROP -
Drag and drop the NIST incident response process steps from the left onto the actions that occur in the steps on the right.
Select and Place:


Correct Answer:

 Reference:
https://www.securitymetrics.com/blog/6-phases-incident-response-plan

Previous Questions Next Questions

All Pages