350-201無料問題集「Cisco Performing CyberOps Using Cisco Security Technologies」

質問 1

An organization is using a PKI management server and a SOAR platform to manage the certificate lifecycle.
The SOAR platform queries a certificate management tool to check all endpoints for SSL certificates that have either expired or are nearing expiration. Engineers are struggling to manage problematic certificates outside of PKI management since deploying certificates and tracking them requires searching server owners manually.
Which action will improve workflow automation?

（A）Integrate a PKI solution within SOAR to create certificates within the SOAR engines to track, update, and monitor problematic certificates.

（B）Implement a new workflow for SOAR to fetch a report of assets that are outside of the PKI zone, sort assets by certification management leads and automate alerts that updates are needed.

（C）Integrate a SOAR solution with Active Directory to pull server owner details from the AD and send an automated email for problematic certificates requesting updates.

（D）Implement a new workflow within SOAR to create tickets in the incident response system, assign problematic certificate update requests to server owners, and register change requests.

正解：B 解答を投票する

質問 2

What is the HTTP response code when the REST API information requested by the authenticated user cannot be found?

（A）404

（B）405

（C）402

（D）401

（E）403

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Refer to the exhibit.

Based on the detected vulnerabilities, what is the next recommended mitigation step?

（A）Evaluate service disruption and associated risk before prioritizing patches.

（B）Perform root cause analysis for all detected vulnerabilities.

（C）Remediate all vulnerabilities with descending CVSS score order.

（D）Temporarily shut down unnecessary services until patch deployment ends.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

An employee who often travels abroad logs in from a first-seen country during non-working hours. The SIEM tool generates an alert that the user is forwarding an increased amount of emails to an external mail domain and then logs out. The investigation concludes that the external domain belongs to a competitor. Which two behaviors triggered UEBA? (Choose two.)

（A）log in from a first-seen country

（B）increased number of sent mails

（C）domain belongs to a competitor

（D）log in during non-working hours

（E）email forwarding to an external domain

正解：A、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

An engineer received multiple reports from users trying to access a company website and instead of landing on the website, they are redirected to a malicious website that asks them to fill in sensitive personal data. Which type of attack is occurring?

（A）Domain Name System poisoning

（B）session hijacking attack

（C）Address Resolution Protocol poisoning

（D）teardrop attack

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

An organization had several cyberattacks over the last 6 months and has tasked an engineer with looking for patterns or trends that will help the organization anticipate future attacks and mitigate them. Which data analytic technique should the engineer use to accomplish this task?

（A）qualitative

（B）statistical

（C）predictive

（D）diagnostic

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

A European-based advertisement company collects tracking information from partner websites and stores it on a local server to provide tailored ads. Which standard must the company follow to safeguard the resting data?

（A）GDPR

（B）PCI-DSS

（C）Sarbanes-Oxley

（D）HIPAA

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

A SOC analyst is notified by the network monitoring tool that there are unusual types of internal traffic on IP subnet 103.861.2117.0/24. The analyst discovers unexplained encrypted data files on a computer system that belongs on that specific subnet. What is the cause of the issue?

（A）DDoS attack

（B）virus outbreak

（C）malware outbreak

（D）phishing attack

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

An engineer detects an intrusion event inside an organization's network and becomes aware that files that contain personal data have been accessed. Which action must be taken to contain this attack?

（A）Access the affected server to confirm compromised files are encrypted.

（B）Determine the attack surface.

（C）Disconnect the affected server from the network.

（D）Analyze the source.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Refer to the exhibit.

An engineer configured this SOAR solution workflow to identify account theft threats and privilege escalation, evaluate risk, and respond by resolving the threat. This solution is handling more threats than Security analysts have time to analyze. Without this analysis, the team cannot be proactive and anticipate attacks. Which action will accomplish this goal?

（A）Exclude the step "Check for GeoIP location" to allow analysts to analyze the location and the associated risk based on asset criticality

（B）Include a step "Take a Snapshot" to capture the endpoint state to contain the threat for analysis

（C）Include a step "Reporting" to alert the security department of threats identified by the SOAR reporting engine

（D）Exclude the step "BAN malicious IP" to allow analysts to conduct and track the remediation

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

350-201 無料問題集「Cisco Performing CyberOps Using Cisco Security Technologies」

弊社を連絡する

関連リンク

トップ試験