Free 350-201 Exam Braindumps (page: 7)

An organization had several cyberattacks over the last 6 months and has tasked an engineer with looking for patterns or trends that will help the organization anticipate future attacks and mitigate them. Which data analytic technique should the engineer use to accomplish this task?

  A. diagnostic
  B. qualitative
  C. predictive
  D. statistical

Answer(s): C


Reference:

https://insights.principa.co.za/4-types-of-data-analytics-descriptive-diagnostic-predictive-prescriptive



A malware outbreak is detected by the SIEM and is confirmed as a true positive. The incident response team follows the playbook to mitigate the threat. What is the first action for the incident response team?

  A. Assess the network for unexpected behavior
  B. Isolate critical hosts from the network
  C. Patch detected vulnerabilities from critical hosts
  D. Perform analysis based on the established risk factors

Answer(s): B



Refer to the exhibit. Cisco Advanced Malware Protection installed on an end-user desktop automatically submitted a low prevalence file to the Threat Grid analysis engine. What should be concluded from this report?

  A. Threat scores are high, malicious ransomware has been detected, and files have been modified
  B. Threat scores are low, malicious ransomware has been detected, and files have been modified
  C. Threat scores are high, malicious activity is detected, but files have not been modified
  D. Threat scores are low and no malicious file activity is detected

Answer(s): B



An organization is using a PKI management server and a SOAR platform to manage the certificate lifecycle. The SOAR platform queries a certificate management tool to check all endpoints for SSL certificates that have either expired or are nearing expiration. Engineers are struggling to manage problematic certificates outside of PKI management since deploying certificates and tracking them requires searching server owners manually. Which action will improve workflow automation?

  A. Implement a new workflow within SOAR to create tickets in the incident response system, assign problematic certificate update requests to server owners, and register change requests.
  B. Integrate a PKI solution within SOAR to create certificates within the SOAR engines to track, update, and monitor problematic certificates.
  C. Implement a new workflow for SOAR to fetch a report of assets that are outside of the PKI zone, sort assets by certificate management leads, and automate alerts that updates are needed.
  D. Integrate a SOAR solution with Active Directory to pull server owner details from AD and send an automated email for problematic certificates requesting updates.

Answer(s): C

