Pass 350-201 Exam in First Attempt Guaranteed 2021 Dumps! [Q11-Q29]

350-201 Dumps Full Questions - Exam Study Guide

NEW QUESTION 11
Refer to the exhibit. A threat actor behind a single computer exploited a cloud-based application by sending multiple concurrent API requests. These requests made the application unresponsive. Which solution protects the application from being overloaded and ensures more equitable application access across the end-user community?

  • A. Reduce the amount of data that can be fetched from the total pool of active clients that call the API
  • B. Limit the number of API calls that a single client is allowed to make
  • C. Add restrictions on the edge router on how often a single client can access the API
  • D. Increase the application cache of the total pool of active clients that call the API

Answer: B

 

NEW QUESTION 12
A security manager received an email from an anomaly detection service stating that one of their contractors has downloaded 50 documents from the company's confidential document management folder using a company-owned asset al039-ice-4ce687TL0500. A security manager reviewed the content of downloaded documents and noticed that the data affected is from different departments. What are the actions a security manager should take?

  • A. Communicate with the contractor to identify the motives.
  • B. Escalate to contractor's manager.
  • C. Report to the incident response team.
  • D. Measure confidentiality level of downloaded documents.

Answer: C

 

NEW QUESTION 13
Employees receive an email from an executive within the organization that summarizes a recent security breach and requests that employees verify their credentials through a provided link. Several employees report the email as suspicious, and a security analyst is investigating the reports. Which two steps should the analyst take to begin this investigation? (Choose two.)

  • A. Communicate with employees to determine who opened the link and isolate the affected assets.
  • B. Review the mail server and proxy logs to identify the impact of a potential breach.
  • C. Check the email header to identify the sender and analyze the link in an isolated environment.
  • D. Evaluate the intrusion detection system alerts to determine the threat source and attack surface.
  • E. Examine the firewall and HIPS configuration to identify the exploited vulnerabilities and apply recommended mitigation.

Answer: C,E

 

NEW QUESTION 14
An API developer is improving application code to prevent DDoS attacks. The solution needs to accommodate instances of a large number of API requests coming for legitimate purposes from trustworthy services. Which solution should be implemented?

  • A. Increase a limit of replies in a given interval for each API. If the limit is exceeded, block access from the API key permanently and return a 450 HTTP error code.
  • B. Restrict the number of requests based on a calculation of daily averages. If the limit is exceeded, temporarily block access from the IP address and return a 402 HTTP error code.
  • C. Apply a limit to the number of requests in a given time interval for each API. If the rate is exceeded, block access from the API key temporarily and return a 429 HTTP error code.
  • D. Implement REST API Security Essentials solution to automatically mitigate limit exhaustion. If the limit is exceeded, temporarily block access from the service and return a 409 HTTP error code.

Answer: C

 

NEW QUESTION 15
An engineer is analyzing a possible compromise that happened a week ago when the company ? (Choose two.)

  • A. autopsy
  • B. IPS
  • C. Wireshark
  • D. SHA512
  • E. firewall

Answer: C,E

 

NEW QUESTION 16
Employees report computer system crashes within the same week. An analyst is investigating one of the computers that crashed and discovers multiple shortcuts in the system's startup folder. It appears that the shortcuts redirect users to malicious URLs. What is the next step the engineer should take to investigate this case?

  • A. Check the audit logs
  • B. Identify affected systems
  • C. Remove the shortcut files
  • D. Investigate the malicious URLs

Answer: B

 

NEW QUESTION 17
An organization suffered a security breach in which the attacker exploited a Netlogon Remote Protocol vulnerability for further privilege escalation. Which two actions should the incident response team take to prevent this type of attack from reoccurring? (Choose two.)

  • A. Define roles and responsibilities in the incident response playbook.
  • B. Apply existing patches to the company servers.
  • C. Automate antivirus scans of the company servers.
  • D. Scan the company server files for known viruses.
  • E. Implement a patch management process.

Answer: A,C

 

NEW QUESTION 18
According to GDPR, what should be done with data to ensure its confidentiality, integrity, and availability?

  • A. Conduct a data protection impact assessment
  • B. Perform a vulnerability assessment
  • C. Perform awareness testing
  • D. Conduct penetration testing

Answer: A

 

NEW QUESTION 19

Refer to the exhibit. An engineer configured this SOAR solution workflow to identify account theft threats and privilege escalation, evaluate risk, and respond by resolving the threat. This solution is handling more threats than security analysts have time to analyze. Without this analysis, the team cannot be proactive and anticipate attacks. Which action will accomplish this goal?

  • A. Exclude the step "Check for GeoIP location" to allow analysts to analyze the location and the associated risk based on asset criticality
  • B. Include a step "Reporting" to alert the security department of threats identified by the SOAR reporting engine
  • C. Include a step "Take a Snapshot" to capture the endpoint state to contain the threat for analysis
  • D. Exclude the step "BAN malicious IP" to allow analysts to conduct and track the remediation

Answer: D

 

NEW QUESTION 20
An organization lost connectivity to critical servers, and users cannot access business applications and internal websites. An engineer checks the network devices to investigate the outage and determines that all devices are functioning. Drag and drop the steps from the left into the sequence on the right to continue investigating this issue. Not all options are used.

Answer:

 

NEW QUESTION 21
Refer to the exhibit.

How must these advisories be prioritized for handling?

  • A. Vulnerability #1 is the highest priority for every type of institution
  • B. Vulnerability #2 is the highest priority for every type of institution
  • C. Vulnerability #1 and vulnerability #2 have the same priority
  • D. The highest priority for handling depends on the type of institution deploying the devices

Answer: A

 

NEW QUESTION 22
Refer to the exhibit.

An engineer received multiple reports from employees unable to log into systems with the error: The Group Policy Client service failed to logon - Access is denied. Through further analysis, the engineer discovered several unexpected modifications to system settings. Which type of breach is occurring?

  • A. malware break
  • B. elevation of privileges
  • C. denial-of-service
  • D. data theft

Answer: B

 

NEW QUESTION 23
Drag and drop the threat from the left onto the scenario that introduces the threat on the right. Not all options are used.

Answer:

 

NEW QUESTION 24
The physical security department received a report that an unauthorized person followed an authorized individual to enter a secured premise. The incident was documented and given to a security specialist to analyze. Which step should be taken at this stage?

  • A. Determine the assets to which the attacker has access
  • B. Identify movement of the attacker in the enterprise
  • C. Identify assets the attacker handled or acquired
  • D. Change access controls to high risk assets in the enterprise

Answer: B

 

NEW QUESTION 25
Drag and drop the mitigation steps from the left onto the vulnerabilities they mitigate on the right.

Answer:

 

NEW QUESTION 26
Drag and drop the components from the left onto the phases of the CI/CD pipeline on the right.

Answer:

Reference:
https://www.densify.com/resources/continuous-integration-delivery-phases

 

NEW QUESTION 27
A Mac laptop user notices that several files have disappeared from their laptop documents folder. While looking for the files, the user notices that the browser history was recently cleared. The user raises a case, and an analyst reviews the network usage and discovers that it is abnormally high. Which step should be taken to continue the investigation?

  • A. Run the sh command
  • B. Run the who command
  • C. Run the w command
  • D. Run the sudo sysdiagnose command

Answer: D

Reference:
https://eclecticlight.co/2016/02/06/the-ultimate-diagnostic-tool-sysdiagnose/

 

NEW QUESTION 28
Refer to the exhibit.

An engineer is performing static analysis on malware and knows that it is capturing keys and webcam events on a company server. What is the indicator of compromise?

  • A. The malware is a ransomware querying for installed anti-virus products and operating systems to encrypt and render unreadable until payment is made for file decryption.
  • B. The malware contains an encryption and decryption routine to hide URLs/IP addresses and is storing the output of loggers and webcam captures in locally encrypted files for retrieval.
  • C. The malware has moved to harvesting cookies and stored account information from major browsers and configuring a reverse proxy for intercepting network activity.
  • D. The malware is performing comprehensive fingerprinting of the host, including a processor, motherboard manufacturer, and connected removable storage.

Answer: A

 

NEW QUESTION 29
......
