Free 350-201 Exam Braindumps (page: 13)


A security architect is working in a processing center and must implement a DLP solution to detect and prevent any type of copy and paste attempts of sensitive data within unapproved applications and removable devices. Which technical architecture must be used?

  A. DLP for data in motion
  B. DLP for removable data
  C. DLP for data in use
  D. DLP for data at rest

Answer(s): C


Reference:

https://www.endpointprotector.com/blog/what-is-data-loss-prevention-dlp/



A security analyst receives an escalation regarding an unidentified connection on the Accounting A1 server within a monitored zone. The analyst pulls the logs and discovers that a PowerShell process and a WMI tool process were started on the server after the connection was established and that a PE format file was created in the system directory. What is the next step the analyst should take?

  A. Isolate the server and perform forensic analysis of the file to determine the type and vector of a possible attack
  B. Identify the server owner through the CMDB and contact the owner to determine if these were planned and identifiable activities
  C. Review the server backup and identify server content and data criticality to assess the intrusion risk
  D. Perform behavioral analysis of the processes on an isolated workstation and perform cleaning procedures if the file is malicious

Answer(s): C



A security expert is investigating a breach that resulted in a $32 million loss from customer accounts. Hackers were able to steal API keys and two-factor codes due to a vulnerability that was introduced in new code a few weeks before the attack. Which step was missed that would have prevented this breach?

  A. use of the Nmap tool to identify the vulnerability when the new code was deployed
  B. implementation of a firewall and intrusion detection system
  C. implementation of an endpoint protection system
  D. use of SecDevOps to detect the vulnerability during development

Answer(s): D


Reference:

https://securityintelligence.com/how-to-prioritize-security-vulnerabilities-in-secdevops/



An API developer is improving application code to prevent DDoS attacks. The solution needs to accommodate instances of a large number of API requests coming for legitimate purposes from trustworthy services. Which solution should be implemented?

  A. Restrict the number of requests based on a calculation of daily averages. If the limit is exceeded, temporarily block access from the IP address and return a 402 HTTP error code.
  B. Implement REST API Security Essentials solution to automatically mitigate limit exhaustion. If the limit is exceeded, temporarily block access from the service and return a 409 HTTP error code.
  C. Increase a limit of replies in a given interval for each API. If the limit is exceeded, block access from the API key permanently and return a 450 HTTP error code.
  D. Apply a limit to the number of requests in a given time interval for each API. If the rate is exceeded, block access from the API key temporarily and return a 429 HTTP error code.

Answer(s): D


Reference:

https://www.whoishostingthis.com/resources/http-status-codes/





