Latest 350-201 Free Dumps - Cisco Performing CyberOps Using Cisco Security Technologies
A company launched an e-commerce website with multiple points of sale through internal and external e-stores. Customers access the stores from the public website, and employees access the stores from the intranet with an SSO. Which action is needed to comply with PCI standards for hardening the systems?
Answer: B
Refer to the exhibit.
Which indicator of compromise is represented by this STIX?
Answer: B
A company recently started accepting credit card payments in their local warehouses and is undergoing a PCI audit. Based on business requirements, the company needs to store sensitive authentication data for 45 days.
How must data be stored for compliance?
Answer: B
Refer to the exhibit.
Cisco Rapid Threat Containment using Cisco Secure Network Analytics (Stealthwatch) and ISE detects the threat of malware-infected 802.1x authenticated endpoints and places that endpoint into a Quarantine VLAN using Adaptive Network Control policy. Which telemetry feeds were correlated with SMC to identify the malware?
Answer: A
Which action should be taken when the HTTP response code 301 is received from a web application?
Answer: A
The incident response team receives information about the abnormal behavior of a host. A malicious file is found being executed from an external USB flash drive. The team collects and documents all the necessary evidence from the computing resource. What is the next step?
Answer: C
A SOC team is investigating a recent, targeted social engineering attack on multiple employees. Cross-correlated log analysis revealed that two hours before the attack, multiple assets received requests on TCP port 79. Which action should be taken by the SOC team to mitigate this attack?
Answer: D
A threat actor has crafted and sent a spear-phishing email with what appears to be a trustworthy link to the site of a conference that an employee recently attended. The employee clicked the link and was redirected to a malicious site through which the employee downloaded a PDF attachment infected with ransomware. The employee opened the attachment, which exploited vulnerabilities on the desktop. The ransomware is now installed and is calling back to its command and control server. Which security solution is needed at this stage to mitigate the attack?
Answer: A
The incident response team was notified of detected malware. The team identified the infected hosts, removed the malware, restored the functionality and data of infected systems, and planned a company meeting to improve the incident handling capability. Which step was missed according to the NIST incident handling guide?
Answer: C
An organization lost connectivity to critical servers, and users cannot access business applications and internal websites. An engineer checks the network devices to investigate the outage and determines that all devices are functioning. Drag and drop the steps from the left into the sequence on the right to continue investigating this issue. Not all options are used.
Answer: