Free Access Cisco.350-201.v2022-11-05.q67 Practice Test (Page 14)

Question 61

After a recent malware incident, the forensic investigator is gathering details to identify the breach and causes. The investigator has isolated the affected workstation. What is the next step that should be taken in this investigation?

A.Analyze the applications and services running on the affected workstation.

B.Inspect registry entries for recently executed files.

C.Review audit logs for privilege escalation events.

D.Compare workstation configuration and asset configuration policy to identify gaps.

Question 62

How does Wireshark decrypt TLS network traffic?

A.by defining a user-specified decode-as

B.by observing DH key exchange

C.with a key log file using per-session secrets

D.using an RSA public key

Question 63

Drag and drop the mitigation steps from the left onto the vulnerabilities they mitigate on the right.

Question 64

A security manager received an email from an anomaly detection service, that one of their contractors has downloaded 50 documents from the company's confidential document management folder using a company- owned asset al039-ice-4ce687TL0500. A security manager reviewed the content of downloaded documents and noticed that the data affected is from different departments. What are the actions a security manager should take?

A.Escalate to contractor's manager.

B.Communicate with the contractor to identify the motives.

C.Measure confidentiality level of downloaded documents.

D.Report to the incident response team.

Question 65

A SOC team is investigating a recent, targeted social engineering attack on multiple employees. Cross- correlated log analysis revealed that two hours before the attack, multiple assets received requests on TCP port 79. Which action should be taken by the SOC team to mitigate this attack?

A.Configure affected devices to disable NETRJS protocol.

B.Disable affected assets and isolate them for further investigation.

C.Disable BIND forwarding from the DNS server to avoid reconnaissance.

D.Configure affected devices to disable the Finger service.

Other Version: 490Cisco.350-201.v2024-10-08.q108; 1024Cisco.350-201.v2023-04-04.q66; 1637Cisco.350-201.v2022-08-24.q70; 1562Cisco.350-201.v2022-03-01.q65; 56Cisco.Prepawaypdf.350-201.v2021-12-18.by.heather.67q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 119Oracle.1Z0-1057-23.v2025-09-10.q47; 153Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 166TheSecOpsGroup.CNSP.v2025-09-08.q20; 229CFAInstitute.ESG-Investing.v2025-09-08.q173; 180PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 153Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50

Question 61

Question 62

Question 63

Question 64

Question 65

Download PDF File