Free 350-201 Exam Braindumps (page: 8)


Drag and drop the NIST incident response process steps from the left onto the actions that occur in the steps on the right.

Select and Place:

Exhibit A:



Exhibit B:

  1. Please refer to Exhibit B for the answer.

Answer(s): A


Reference:

https://www.securitymetrics.com/blog/6-phases-incident-response-plan



Which command does an engineer use to set read/write/execute access on a folder for everyone who reaches the resource?

  1. chmod 666
  2. chmod 774
  3. chmod 775
  4. chmod 777

Answer(s): D


Reference:

https://www.pluralsight.com/blog/it-ops/linux-file-permissions



A SIEM tool fires an alert about a VPN connection attempt from an unusual location. The incident response team validates that an attacker has installed a remote access tool on a user’s laptop while traveling. The attacker has the user’s credentials and is attempting to connect to the network.

What is the next step in handling the incident?

  1. Block the source IP from the firewall
  2. Perform an antivirus scan on the laptop
  3. Identify systems or services at risk
  4. Identify lateral movement

Answer(s): C



A threat actor used a phishing email to deliver a file with an embedded macro. The file was opened, and a remote code execution attack occurred in a company’s infrastructure. Which steps should an engineer take at the recovery stage?

  1. Determine the systems involved and deploy available patches
  2. Analyze event logs and restrict network access
  3. Review access lists and require users to increase password complexity
  4. Identify the attack vector and update the IDS signature list

Answer(s): B





