350-201のPDF試験材料2023年最新の実際に出る350-201問題集 [Q77-Q100]

Share

350-201のPDF試験材料2023年最新の実際に出る350-201問題集

更新されたのはCisco 350-201問題集PDFオンラインエンジン


Cisco 350-201試験は、Cisco Security Technologiesを使用してサイバーセキュリティオペレーションを実行するための知識とスキルに焦点を当てた認定テストです。この試験は、Ciscoテクノロジーを使用してセキュリティの脅威を特定、分析、軽減する専門知識を証明したい個人を対象としています。


Cisco 350-201試験に対して準備するためには、サイバーセキュリティの概念と原則を徹底的に理解し、Ciscoのセキュリティテクノロジーを実装および管理するハンズオンの経験が必要です。Ciscoは、オンライントレーニング、インストラクターレッドトレーニング、セルフペーストレーニングモジュールなどのさまざまなトレーニングコースと教材を提供しており、候補者が試験に備えるのに役立ちます。候補者は、オンラインの学習グループに参加したり、認定された専門家からアドバイスを求めたりして、準備を強化することもできます。

 

質問 # 77
An engineer has created a bash script to automate a complicated process. During script execution, this error occurs: permission denied. Which command must be added to execute this script?

  • A. source ex.sh
  • B. sh ex.sh
  • C. chmod +x ex.sh
  • D. chroot ex.sh

正解:C

解説:
Explanation/Reference: https://www.redhat.com/sysadmin/exit-codes-demystified


質問 # 78
Refer to the exhibit.

An engineer configured this SOAR solution workflow to identify account theft threats and privilege escalation, evaluate risk, and respond by resolving the threat. This solution is handling more threats than Security analysts have time to analyze. Without this analysis, the team cannot be proactive and anticipate attacks. Which action will accomplish this goal?

  • A. Exclude the step "BAN malicious IP" to allow analysts to conduct and track the remediation
  • B. Include a step "Take a Snapshot" to capture the endpoint state to contain the threat for analysis
  • C. Include a step "Reporting" to alert the security department of threats identified by the SOAR reporting engine
  • D. Exclude the step "Check for GeoIP location" to allow analysts to analyze the location and the associated risk based on asset criticality

正解:A


質問 # 79

Refer to the exhibit. Which data format is being used?

  • A. JSON
  • B. HTML
  • C. XML
  • D. CSV

正解:B


質問 # 80
Refer to the exhibit.

Which two steps mitigate attacks on the webserver from the Internet? (Choose two.)

  • A. Move the webserver to the internal network
  • B. Implement a proxy server in the DMZ network
  • C. Create an ACL on the firewall to allow only external connections
  • D. Create an ACL on the firewall to allow only TLS 1.3

正解:A、B


質問 # 81
Refer to the exhibit.

An employee is a victim of a social engineering phone call and installs remote access software to allow an "MS Support" technician to check his machine for malware. The employee becomes suspicious after the remote technician requests payment in the form of gift cards. The employee has copies of multiple, unencrypted database files, over 400 MB each, on his system and is worried that the scammer copied the files off but has no proof of it. The remote technician was connected sometime between 2:00 pm and 3:00 pm over https. What should be determined regarding data loss between the employee's laptop and the remote technician's system?

  • A. The database files integrity was violated
  • B. The database files were disclosed
  • C. The database files were intentionally corrupted, and encryption is possible
  • D. No database files were disclosed

正解:A


質問 # 82
How does Wireshark decrypt TLS network traffic?

  • A. by defining a user-specified decode-as
  • B. using an RSA public key
  • C. with a key log file using per-session secrets
  • D. by observing DH key exchange

正解:C

解説:
Explanation/Reference: https://wiki.wireshark.org/TLS


質問 # 83
An engineer is analyzing a possible compromise that happened a week ago when the company database servers unexpectedly went down. The analysis reveals that attackers tampered with Microsoft SQL Server Resolution Protocol and launched a DDoS attack. The engineer must act quickly to ensure that all systems are protected. Which two tools should be used to detect and mitigate this type of future attack? (Choose two.)

  • A. Wireshark
  • B. autopsy
  • C. IPS
  • D. SHA512
  • E. firewall

正解:A、E


質問 # 84

Refer to the exhibit. An engineer received a report that an attacker has compromised a workstation and gained access to sensitive customer data from the network using insecure protocols. Which action prevents this type of attack in the future?

  • A. Deploy IDS within sensitive areas and continuously update signatures
  • B. Use syslog to gather data from multiple sources and detect intrusion logs for timely responses
  • C. Deploy a SOAR solution and correlate log alerts from customer zones
  • D. Use VLANs to segregate zones and the firewall to allow only required services and secured protocols

正解:D


質問 # 85
Refer to the exhibit.

How must these advisories be prioritized for handling?

  • A. The highest priority for handling depends on the type of institution deploying the devices
  • B. Vulnerability #1 is the highest priority for every type of institution
  • C. Vulnerability #2 is the highest priority for every type of institution
  • D. Vulnerability #1 and vulnerability #2 have the same priority

正解:B


質問 # 86
An engineer is utilizing interactive behavior analysis to test malware in a sandbox environment to see how the malware performs when it is successfully executed. A location is secured to perform reverse engineering on a piece of malware. What is the next step the engineer should take to analyze this malware?

  • A. Disassemble the malware to understand how it was constructed
  • B. Unpack the file in a sandbox to see how it reacts
  • C. Research the malware online to see if there are noted findings
  • D. Run the program through a debugger to see the sequential actions

正解:C


質問 # 87
A threat actor attacked an organization's Active Directory server from a remote location, and in a thirty-minute timeframe, stole the password for the administrator account and attempted to access 3 company servers. The threat actor successfully accessed the first server that contained sales data, but no files were downloaded. A second server was also accessed that contained marketing information and 11 files were downloaded. When the threat actor accessed the third server that contained corporate financial data, the session was disconnected, and the administrator's account was disabled. Which activity triggered the behavior analytics tool?

  • A. accessing the server with financial data
  • B. downloading more than 10 files
  • C. accessing the Active Directory server
  • D. accessing multiple servers

正解:D


質問 # 88
According to GDPR, what should be done with data to ensure its confidentiality, integrity, and availability?

  • A. Conduct penetration testing
  • B. Perform a vulnerability assessment
  • C. Conduct a data protection impact assessment
  • D. Perform awareness testing

正解:C


質問 # 89
Refer to the exhibit.

Cisco Advanced Malware Protection installed on an end-user desktop automatically submitted a low prevalence file to the Threat Grid analysis engine. What should be concluded from this report?

  • A. Threat scores are low and no malicious file activity is detected
  • B. Threat scores are high, malicious ransomware has been detected, and files have been modified
  • C. Threat scores are low, malicious ransomware has been detected, and files have been modified
  • D. Threat scores are high, malicious activity is detected, but files have not been modified

正解:C


質問 # 90
The SIEM tool informs a SOC team of a suspicious file. The team initializes the analysis with an automated sandbox tool, sets up a controlled laboratory to examine the malware specimen, and proceeds with behavioral analysis. What is the next step in the malware analysis process?

  • A. Document findings and clean-up the laboratory.
  • B. Contain the subnet in which the suspicious file was found.
  • C. Unpack the specimen and perform memory forensics.
  • D. Perform static and dynamic code analysis of the specimen.

正解:C


質問 # 91
Drag and drop the NIST incident response process steps from the left onto the actions that occur in the steps on the right.

正解:

解説:

Reference:
https://www.securitymetrics.com/blog/6-phases-incident-response-plan


質問 # 92
Refer to the exhibit.

An engineer is performing static analysis of a file received and reported by a user. Which risk is indicated in this STIX?

  • A. The file is redirecting users to the website that is downloading ransomware to encrypt files.
  • B. The file is redirecting users to a website that harvests cookies and stored account information.
  • C. The file is redirecting users to a website that is determining users' geographic location.
  • D. The file is redirecting users to a website that requests privilege escalations from the user.

正解:C


質問 # 93
An organization had an incident with the network availability during which devices unexpectedly malfunctioned. An engineer is investigating the incident and found that the memory pool buffer usage reached a peak before the malfunction. Which action should the engineer take to prevent this issue from reoccurring?

  • A. Disable memory limit.
  • B. Enable memory threshold notifications.
  • C. Disable CPU threshold trap toward the SNMP server.
  • D. Enable memory tracing notifications.

正解:B


質問 # 94
Drag and drop the NIST incident response process steps from the left onto the actions that occur in the steps on the right.

正解:

解説:

Reference:
https://www.securitymetrics.com/blog/6-phases-incident-response-plan


質問 # 95
A threat actor has crafted and sent a spear-phishing email with what appears to be a trustworthy link to the site of a conference that an employee recently attended. The employee clicked the link and was redirected to a malicious site through which the employee downloaded a PDF attachment infected with ransomware. The employee opened the attachment, which exploited vulnerabilities on the desktop. The ransomware is now installed and is calling back to its command and control server. Which security solution is needed at this stage to mitigate the attack?

  • A. email security solution
  • B. web security solution
  • C. endpoint security solution
  • D. network security solution

正解:D


質問 # 96
Refer to the exhibit. Which indicator of compromise is represented by this STIX?

  • A. cross-site scripting vulnerability to backdoor server
  • B. web server vulnerability exploited by malware
  • C. website redirecting traffic to ransomware server
  • D. website hosting malware to download files

正解:B


質問 # 97
An engineer received multiple reports from users trying to access a company website and instead of landing on the website, they are redirected to a malicious website that asks them to fill in sensitive personal dat a. Which type of attack is occurring?

  • A. Address Resolution Protocol poisoning
  • B. Domain Name System poisoning
  • C. session hijacking attack
  • D. teardrop attack

正解:B


質問 # 98
An engineer wants to review the packet overviews of SNORT alerts. When printing the SNORT alerts, all the packet headers are included, and the file is too large to utilize. Which action is needed to correct this problem?

  • A. Modify the alert rule to "output alert_syslog: output header"
  • B. Modify the output module rule to "output alert_quick: output filename"
  • C. Modify the alert rule to "output alert_syslog: output log"
  • D. Modify the output module rule to "output alert_fast: output filename"

正解:C

解説:
Reference:
%2F20201231%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20201231T141156Z&X-Amz- Expires=172800&X-Amz-SignedHeaders=host&X-Amz- Signature=e122ab6eb1659e13b3bc6bb2451ce693c0298b76c1962c3743924bc5fd83d382


質問 # 99
An engineer is developing an application that requires frequent updates to close feedback loops and enable teams to quickly apply patches. The team wants their code updates to get to market as often as possible. Which software development approach should be used to accomplish these goals?

  • A. continuous deployment
  • B. continuous monitoring
  • C. continuous delivery
  • D. continuous integration

正解:C


質問 # 100
......

Cisco 350-201問題集PDFのベストを目指すなら問題集を使おう!高得点目指すならここ:https://jp.fast2test.com/350-201-premium-file.html

350-201のPDFで問題解答!PDFサンプル問題は信頼され続ける:https://drive.google.com/open?id=1NDniYG62HtcQaczoM5mRkuFPj2EfgNoY


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어