Latest 350-201 Free Dumps - Cisco Performing CyberOps Using Cisco Security Technologies
An engineer notices that every Sunday night, there is a two-hour period with a large load of network activity.
Upon further investigation, the engineer finds that the activity is from locations around the globe outside the organization's service area. What are the next steps the engineer must take?
Answer: B
An employee abused PowerShell commands and script interpreters, which led to an indicator of compromise (IOC) trigger. The IOC event shows that a known malicious file has been executed, and there is an increased likelihood of a breach. Which indicator generated this IOC event?
Answer: D
What is needed to assess risk mitigation effectiveness in an organization?
Answer: A
Refer to the exhibit.
Rapid Threat Containment using Cisco Secure Network Analytics (Stealthwatch) and ISE detects the threat of malware-infected 802.1x authenticated endpoints and places that endpoint into a quarantine VLAN using Adaptive Network Control policy. Which method was used to signal ISE to quarantine the endpoints?
Answer: C
A company recently started accepting credit card payments in their local warehouses and is undergoing a PCI audit. Based on business requirements, the company needs to store sensitive authentication data for 45 days.
How must data be stored for compliance?
Answer: B
Refer to the exhibit.
An engineer received a report that an attacker has compromised a workstation and gained access to sensitive customer data from the network using insecure protocols. Which action prevents this type of attack in the future?
Answer: C
An engineer wants to review the packet overviews of SNORT alerts. When printing the SNORT alerts, all the packet headers are included, and the file is too large to utilize. Which action is needed to correct this problem?
Answer: B
Where do threat intelligence tools search for data to identify potential malicious IP addresses, domain names, and URLs?
Answer: A
A SOC analyst is notified by the network monitoring tool that there are unusual types of internal traffic on IP subnet 103.861.2117.0/24. The analyst discovers unexplained encrypted data files on a computer system that belongs on that specific subnet. What is the cause of the issue?
Answer: A
A threat actor used a phishing email to deliver a file with an embedded macro. The file was opened, and a remote code execution attack occurred in a company's infrastructure. Which steps should an engineer take at the recovery stage?
Answer: D