
Cisco (350-201-CBRCOR) Exam Questions And Answers page 7


Refer to the exhibit. Based on the detected vulnerabilities, what is the next recommended mitigation step?
Security Concepts Cloud Security

Refer to the exhibit. Which data format is being used?
Security Concepts Network Security
A SOC team is investigating a recent, targeted social engineering attack on multiple employees. Cross-correlated log analysis revealed that two hours before the attack, multiple assets received requests on TCP port 79. Which action should be taken by the SOC team to mitigate this attack?
Network Security Threat Intelligence and Incident Response

Refer to the exhibit. An employee is a victim of a social engineering phone call and installs remote access software to allow an MS Support technician to check his machine for malware. The employee becomes suspicious after the remote technician requests payment in the form of gift cards. The employee has copies of multiple, unencrypted database files, over 400 MB each, on his system and is worried that the scammer copied the files off but has no proof of it. The remote technician was connected sometime between 2:00 pm and 3:00 pm over HTTPS. What should be determined regarding data loss between the employee's laptop and the remote technician's system?
Security Concepts Network Security
A SOC team receives multiple alerts by a rule that detects requests to malicious URLs and informs the incident response team to block the malicious URLs requested on the firewall. Which action will improve the effectiveness of the process?
Network Security Threat Intelligence and Incident Response
A European-based advertisement company collects tracking information from partner websites and stores it on a local server to provide tailored ads. Which standard must the company follow to safeguard the resting data?
Network Security Endpoint Security

Refer to the exhibit. An engineer is investigating a case with suspicious usernames within the Active Directory. After the engineer investigates and cross-correlates events from other sources, it appears that the 2 users are privileged, and their creation date matches suspicious network traffic that was initiated from the internal network 2 days prior. Which type of compromise is occurring?
Security Concepts Network Security

Refer to the exhibit. Where are the browser page rendering permissions displayed?
Security Concepts Network Security
An engineer is analyzing a possible compromise that happened a week ago when the company database servers unexpectedly went down. The analysis reveals that attackers tampered with Microsoft SQL Server Resolution Protocol and launched a DDoS attack. The engineer must act quickly to ensure that all systems are protected. Which two tools should be used to detect and mitigate this type of future attack? (Choose two.)
Network Security Threat Intelligence and Incident Response

Refer to the exhibit. Cisco Advanced Malware Protection installed on an end-user desktop automatically submitted a low prevalence file to the Threat Grid analysis engine. What should be concluded from this report?
Endpoint Security Threat Intelligence and Incident Response