Free Access Cisco.350-201.v2022-11-05.q67 Practice Test (Page 2)

Question 1

Refer to the exhibit.

Two types of clients are accessing the front ends and the core database that manages transactions, access control, and atomicity. What is the threat model for the SQL database?

A.An attacker can read or change data.

B.An attacker can initiate a DoS attack.

C.An attacker can transfer data to an external server.

D.An attacker can modify the access logs.

Question 2

A SOC analyst is investigating a recent email delivered to a high-value user for a customer whose network their organization monitors. The email includes a suspicious attachment titled "Invoice RE: 0004489". The hash of the file is gathered from the Cisco Email Security Appliance. After searching Open Source Intelligence, no available history of this hash is found anywhere on the web. What is the next step in analyzing this attachment to allow the analyst to gather indicators of compromise?

A.Ask the company to execute the payload for real time analysis

B.Run and analyze the DLP Incident Summary Report from the Email Security Appliance

C.Investigate further in open source repositories using YARA to find matches

D.Obtain a copy of the file for detonation in a sandbox

Question 3

Refer to the exhibit. Cisco Advanced Malware Protection installed on an end-user desktop has automatically submitted a low prevalence file to the Threat Grid analysis engine for further analysis. What should be concluded from this report?

A.The prioritized behavioral indicators of compromise justify the execution of the "ransomware" because the scores are low and indicate the likelihood that malicious ransomware has been detected.

B.The prioritized behavioral indicators of compromise justify the execution of the "ransomware" because the scores are high and indicate the likelihood that malicious ransomware has been detected.

C.The prioritized behavioral indicators of compromise do not justify the execution of the "ransomware" because the scores are high and do not indicate the likelihood of malicious ransomware.

D.The prioritized behavioral indicators of compromise do not justify the execution of the "ransomware" because the scores do not indicate the likelihood of malicious ransomware.

Question 4

A security architect is working in a processing center and must implement a DLP solution to detect and prevent any type of copy and paste attempts of sensitive data within unapproved applications and removable devices. Which technical architecture must be used?

A.DLP for data in use

B.DLP for data in motion

C.DLP for data at rest

D.DLP for removable data

Question 5

A payroll administrator noticed unexpected changes within a piece of software and reported the incident to the incident response team. Which actions should be taken at this step in the incident response workflow?

A.Classify the attack vector, understand the scope of the event, and identify the vulnerabilities being exploited

B.Determine the attack surface, evaluate the risks involved, and communicate the incident according to the escalation plan

C.Determine the damage to the business, extract reports, and save evidence according to a chain of custody

D.Classify the criticality of the information, research the attacker's motives, and identify missing patches

Other Version: 490Cisco.350-201.v2024-10-08.q108; 1024Cisco.350-201.v2023-04-04.q66; 1623Cisco.350-201.v2022-08-24.q70; 1555Cisco.350-201.v2022-03-01.q65; 56Cisco.Prepawaypdf.350-201.v2021-12-18.by.heather.67q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 151Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 169PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 150Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 1

Question 2

Question 3

Question 4

Question 5

Download PDF File