Exam Logo

Cisco (350-201-CBRCOR) Exam Questions And Answers page 2

What is the impact of hardening machine images for deployment?
Security Concepts Endpoint Security
An engineer notices that unauthorized software was installed on the network and discovers that it was installed by a dormant user account. The engineer suspects an escalation of privilege attack and responds to the incident. Drag and drop the activities from the left into the order for the response on the right.

Network Security Endpoint Security
Drag and drop the mitigation steps from the left onto the vulnerabilities they mitigate on the right.

Security Concepts Network Security
An engineer is investigating several cases of increased incoming spam emails and suspicious emails from the HR and service departments. While checking the event sources, the website monitoring tool showed several web scraping alerts overnight. Which type of compromise is indicated?
Network Security Threat Intelligence and Incident Response
Refer to the exhibit. Which asset has the highest risk value?

Security Concepts Cloud Security
An engineer returned to work and realized that payments that were received over the weekend were sent to the wrong recipient. The engineer discovered that the SaaS tool that processes these payments was down over the weekend. Which step should the engineer take first?
Security Concepts Network Security

Refer to the exhibit. An engineer received multiple reports from employees unable to log into systems with the error: The Group Policy Client service failed to logon Access is denied. Through further analysis, the engineer discovered several unexpected modifications to system settings. Which type of breach is occurring?
Security Concepts Network Security
A security analyst receives an escalation regarding an unidentified connection on the Accounting A1 server within a monitored zone. The analyst pulls the logs and discovers that a Powershell process and a WMI tool process were started on the server after the connection was established and that a PE format file was created in the system directory. What is the next step the analyst should take?
Network Security Endpoint Security
A security incident affected an organization s critical business services, and the customer-side web API became unresponsive and crashed. An investigation revealed a spike of API call requests and a high number of inactive sessions during the incident. Which two recommendations should the engineers make to prevent similar incidents in the future? (Choose two.)
Network Security Threat Intelligence and Incident Response
Refer to the exhibit. For IP 192.168.1.209, what are the risk level, activity, and next step?

Security Concepts Network Security