Free 350-201 Exam Braindumps (page: 15)


Refer to the exhibit. An engineer received a report that an attacker has compromised a workstation and gained access to sensitive customer data from the network using insecure protocols. Which action prevents this type of attack in the future?

  A. Use VLANs to segregate zones and the firewall to allow only required services and secured protocols
  B. Deploy a SOAR solution and correlate log alerts from customer zones
  C. Deploy IDS within sensitive areas and continuously update signatures
  D. Use syslog to gather data from multiple sources and detect intrusion logs for timely responses

Answer(s): A



How does Wireshark decrypt TLS network traffic?

  A. with a key log file using per-session secrets
  B. using an RSA public key
  C. by observing DH key exchange
  D. by defining a user-specified decode-as

Answer(s): A


Reference:

https://wiki.wireshark.org/TLS



Refer to the exhibit. An organization is using an internal application for printing documents that requires a separate registration on the website. The application allows format-free user creation, and users must match these required conditions to comply with the company’s user creation policy:
- minimum length: 3
- usernames can only use letters, numbers, dots, and underscores
- usernames cannot begin with a number


The application administrator has to manually change and track these daily to ensure compliance. An engineer is tasked to implement a script to automate the process according to the company user creation policy. The engineer implemented this piece of code within the application, but users are still able to create format-free usernames. Which change is needed to apply the restrictions?

  A. modify code to return error on restrictions def return false_user(username, minlen)
  B. automate the restrictions def automate_user(username, minlen)
  C. validate the restrictions, def validate_user(username, minlen)
  D. modify code to force the restrictions, def force_user(username, minlen)

Answer(s): B



An engineer implemented a SOAR workflow to detect and respond to incorrect login attempts and anomalous user behavior. Since the implementation, the security team has received dozens of false positive alerts and negative feedback from system administrators and privileged users. Several legitimate users were tagged as a threat and their accounts blocked, or credentials reset because of unexpected login times and incorrectly typed credentials. How should the workflow be improved to resolve these issues?

  A. Meet with privileged users to increase awareness and modify the rules for threat tags and anomalous behavior alerts
  B. Change the SOAR configuration flow to remove the automatic remediation that is increasing the false positives and triggering threats
  C. Add a confirmation step through which SOAR informs the affected user and asks them to confirm whether they made the attempts
  D. Increase incorrect login tries and tune anomalous user behavior not to affect privileged accounts

Answer(s): B





