Questions for the 350-201 were updated on : Oct 05 ,2024
Refer to the exhibit. An engineer configured this SOAR solution workflow to identify account theft threats and privilege
escalation, evaluate risk, and respond by resolving the threat. This solution is handling more threats than Security analysts
have time to analyze. Without this analysis, the team cannot be proactive and anticipate attacks. Which action will
accomplish this goal?
A
Refer to the exhibit. Rapid Threat Containment using Cisco Secure Network Analytics (Stealthwatch) and ISE detects the
threat of malware-infected 802.1x authenticated endpoints and places that endpoint into a quarantine VLAN using Adaptive
Network Control policy. Which method was used to signal ISE to quarantine the endpoints?
C
Refer to the exhibit. For IP 192.168.1.209, what are the risk level, activity, and next step?
A
DRAG DROP
Drag and drop the function on the left onto the mechanism on the right.
Select and Place:
Refer to the exhibit. Cisco Advanced Malware Protection installed on an end-user desktop automatically submitted a low
prevalence file to the Threat Grid analysis engine. What should be concluded from this report?
B
An engineer is investigating several cases of increased incoming spam emails and suspicious emails from the HR and
service departments. While checking the event sources, the website monitoring tool showed several web scraping alerts
overnight. Which type of compromise is indicated?
C
Refer to the exhibit. Which command was executed in PowerShell to generate this log?
A
Explanation:
Reference: https://lists.xymon.com/archive/2019-March/046125.html
Refer to the exhibit. An engineer notices a significant anomaly in the traffic in one of the host groups in Cisco Secure
Network Analytics (Stealthwatch) and must analyze the top data transmissions. Which tool accomplishes this task?
B
Explanation:
Reference: https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2018/pdf/BRKSEC-3014.pdf
An audit is assessing a small business that is selling automotive parts and diagnostic services. Due to increased customer
demands, the company recently started to accept credit card payments and acquired a POS terminal. Which compliance
regulations must the audit apply to the company?
D
Explanation:
Reference: https://upserve.com/restaurant-insider/restaurant-pos-pci-compliance-checklist/
Where do threat intelligence tools search for data to identify potential malicious IP addresses, domain names, and URLs?
D
Refer to the exhibit. What results from this script?
B
A cloud engineer needs a solution to deploy applications on a cloud without being able to manage and control the server OS.
Which type of cloud environment should be used?
A
DRAG DROP
Drag and drop the type of attacks from the left onto the cyber kill chain stages at which the attacks are seen on the right.
Select and Place:
A new malware variant is discovered hidden in pirated software that is distributed on the Internet. Executives have asked for
an organizational risk assessment. The security officer is given a list of all assets. According to NIST, which two elements
are missing to calculate the risk assessment? (Choose two.)
B E
Explanation:
Reference: https://cloudogre.com/risk-assessment/
A security expert is investigating a breach that resulted in a $32 million loss from customer accounts. Hackers were able to
steal API keys and two-factor codes due to a vulnerability that was introduced in a new code a few weeks before the attack.
Which step was missed that would have prevented this breach?
D
Explanation:
Reference: https://securityintelligence.com/how-to-prioritize-security-vulnerabilities-in-secdevops/