Free 350-201 Exam Braindumps (page: 18)


How is a SIEM tool used?

  A. To collect security data from authentication failures and cyber attacks and forward it for analysis
  B. To search and compare security data against acceptance standards and generate reports for analysis
  C. To compare security alerts against configured scenarios and trigger system responses
  D. To collect and analyze security data from network devices and servers and produce alerts

Answer(s): D


Reference:

https://www.varonis.com/blog/what-is-siem/



Refer to the exhibit. An engineer is reverse engineering a suspicious file by examining its resources. What does this file indicate?

  A. a DOS MZ executable format
  B. an MS-DOS executable archive
  C. an archived malware
  D. a Windows executable file

Answer(s): D


Reference:

https://stackoverflow.com/questions/2577545/why-is-this-program-cannot-be-run-in-dos-mode-text-present-in-dll-files#:~:text=The%20linker%20places%20a%20default,using%20the%20%2FSTUB%20linker%20option.&text=This%20information%20enables%20Windows%20to,has%20an%20MS-DOS%20stub.



Refer to the exhibit. An engineer is performing static analysis on malware and knows that it is capturing keys and webcam events on a company server. What is the indicator of compromise?

  A. The malware is performing comprehensive fingerprinting of the host, including a processor, motherboard manufacturer, and connected removable storage.
  B. The malware is a ransomware querying for installed anti-virus products and operating systems to encrypt and render unreadable until payment is made for file decryption.
  C. The malware has moved to harvesting cookies and stored account information from major browsers and configuring a reverse proxy for intercepting network activity.
  D. The malware contains an encryption and decryption routine to hide URLs/IP addresses and is storing the output of loggers and webcam captures in locally encrypted files for retrieval.

Answer(s): B



An audit is assessing a small business that is selling automotive parts and diagnostic services. Due to increased customer demands, the company recently started to accept credit card payments and acquired a POS terminal. Which compliance regulations must the audit apply to the company?

  A. HIPAA
  B. FISMA
  C. COBIT
  D. PCI DSS

Answer(s): D


Reference:

https://upserve.com/restaurant-insider/restaurant-pos-pci-compliance-checklist/





