Cisco 350-201 Exam

Certification Provider: Cisco
Exam Name: Performing CyberOps Using Core Security Technologies
Number of questions in our database: 139
Exam Version: Apr. 13, 2024
350-201 Exam Official Topics:
  • Topic 1: Interpret the sequence of events during an attack based on analysis of traffic patterns/ Interpret the components within a playbook
  • Topic 2: Compare security operations considerations of cloud platforms/ Determine the tools needed based on a playbook scenario
  • Topic 3: Describe the concepts and limitations of cyber risk insurance/ Describe the use of hardening machine images for deployment
  • Topic 4: Determine resources for industry standards and recommendations for hardening of systems/ Utilize network controls for network hardening
  • Topic 5: Describe use and concepts of tools for security data analytics/ Describe the concepts of security data management
  • Topic 6: Infer the industry for various compliance standards/ Evaluate the parts of an HTTP response
  • Topic 7: Apply the playbook for a common scenario/ Describe characteristics and areas of improvement using common incident response metrics
  • Topic 8: Describe the process of evaluating the security posture of an asset/ Determine patching recommendations, given a scenario
  • Topic 9: Describe the different mechanisms to detect and enforce data loss prevention techniques/ Evaluate artifacts and streams in a packet capture file
  • Topic 10: Determine the next action based on user behavior alerts/ Determine the steps to investigate the common types of cases
  • Topic 11: Modify a provided script to automate a security operations task/ Determine opportunities for automation and orchestration
  • Topic 12:
Free Cisco 350-201 Exam Actual Questions

The questions for 350-201 were last updated on Apr. 13, 2024

Question #1

The network operations center has identified malware, created a ticket within their ticketing system, and assigned the case to the SOC with high-level information. A SOC analyst was able to stop the malware from spreading and identified the attacking host. What is the next step in the incident response workflow?

Correct Answer: A

Question #2

Engineers are working to document, list, and discover all used applications within an organization. During the regular assessment of applications from the HR backup server, an engineer discovered an unknown application. The analysis showed that the application is communicating with external addresses on a non-secure, unencrypted channel. Information gathering revealed that the unknown application does not have an owner and is not being used by a business unit. What are the next two steps the engineers should take in this investigation? (Choose two.)

Correct Answer: A, D

Question #3

An analyst received multiple alerts on the SIEM console of users that are navigating to malicious URLs. The analyst needs to automate the task of receiving alerts and processing the data for further investigations. Three variables are available from the SIEM console to include in an automation script: console_ip, api_token, and reference_set_name. What must be added to this script to receive a successful HTTP response?

#!/usr/bin/python
import sys
import requests

Correct Answer: C

Question #4

A company recently started accepting credit card payments in their local warehouses and is undergoing a PCI audit. Based on business requirements, the company needs to store sensitive authentication data for 45 days. How must data be stored for compliance?

Correct Answer: C

Question #5

The network operations center has identified malware, created a ticket within their ticketing system, and assigned the case to the SOC with high-level information. A SOC analyst was able to stop the malware from spreading and identified the attacking host. What is the next step in the incident response workflow?

Correct Answer: A

