Cisco (350-201-CBRCOR) Exam Questions And Answers page 14
Refer to the exhibit. Where are the browser page rendering permissions displayed?
X-XSS-Protection
Content-Type
Cache-Control
Security Concepts
Network Security
An analyst received multiple alerts on the SIEM console of users that are navigating to malicious URLs. The analyst needs to automate the task of receiving alerts and processing the data for further investigations. Three variables are available from the SIEM console to include in an automation script: console_ip, api_token, and reference_set_name. What must be added to this script to receive a successful HTTP response?
#!/usr/bin/python
import sys
import requests
#!/usr/bin/python
import sys
import requests
{1}, {2}
{1}, {3}
console_ip, api_token
console_ip, reference_set_name
Security Concepts
Network Security
Refer to the exhibit. Cisco Advanced Malware Protection installed on an end-user desktop has automatically submitted a low prevalence file to the Threat Grid analysis engine for further analysis. What should be concluded from this report?
The prioritized behavioral indicators of compromise do not justify the execution of the ransomware because the scores do not indicate the likelihood of malicious ransomware.
The prioritized behavioral indicators of compromise do not justify the execution of the ransomware because the scores are high and do not indicate the likelihood of malicious ransomware.
The prioritized behavioral indicators of compromise justify the execution of the ransomware because the scores are high and indicate the likelihood that malicious ransomware has been detected.
The prioritized behavioral indicators of compromise justify the execution of the ransomware because the scores are low and indicate the likelihood that malicious ransomware has been detected.
Endpoint Security
Threat Intelligence and Incident Response
A SOC analyst is notified by the network monitoring tool that there are unusual types of internal traffic on IP subnet 103.921.2239.0/24. The analyst discovers unexplained encrypted data files on a computer system that belongs on that specific subnet. What is the cause of the issue?
DDoS attack
phishing attack
virus outbreak
malware outbreak
Network Security
Endpoint Security
Refer to the exhibit. Where does it signify that a page will be stopped from loading when a scripting attack is detected?
x-frame-options
x-content-type-options
x-xss-protection
x-test-debug
Security Concepts
Endpoint Security
Refer to the exhibit. An engineer is reverse engineering a suspicious file by examining its resources. What does this file indicate?
a DOS MZ executable format
a MS-DOS executable archive
an archived malware
a Windows executable file
Security Concepts
Endpoint Security
Drag and drop the actions below the image onto the boxes in the image for the actions that should be taken during this playbook step. Not all options are used.
Security Concepts
Network Security
An audit is assessing a small business that is selling automotive parts and diagnostic services. Due to increased customer demands, the company recently started to accept credit card payments and acquired a POS terminal. Which compliance regulations must the audit apply to the company?
HIPAA
FISMA
COBIT
PCI DSS
Security Concepts
Network Security
Refer to the exhibit. How are tokens authenticated when the REST API on a device is accessed from a REST API client?
The token is obtained by providing a password. The REST client requests access to a resource using the access token. The REST API validates the access token and gives access to the resource.
The token is obtained by providing a password. The REST API requests access to a resource using the access token, validates the access token, and gives access to the resource.
The token is obtained before providing a password. The REST API provides resource access, refreshes tokens, and returns them to the REST client. The REST client requests access to a resource using the access token.
The token is obtained before providing a password. The REST client provides access to a resource using the access token. The REST API encrypts the access token and gives access to the resource.
Security Concepts
Network Security
Refer to the exhibit. A security analyst needs to investigate a security incident involving several suspicious connections with a possible attacker. Which tool should the analyst use to identify the source IP of the offender?
packet sniffer
malware analysis
SIEM
firewall manager
Security Concepts
Network Security
Comments