350-201試験無料問題集（141題）「Cisco Performing CyberOps Using Cisco Security Technologies 認定」

出題：1

What is a benefit of key risk indicators?

A. clear procedures and processes for organizational risk

B. improved mitigation techniques for unknown threats

C. improved visibility on quantifiable information

D. clear perspective into the risk position of an organization

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Refer to the exhibit.

Based on the detected vulnerabilities, what is the next recommended mitigation step?

A. Perform root cause analysis for all detected vulnerabilities.

B. Temporarily shut down unnecessary services until patch deployment ends.

C. Remediate all vulnerabilities with descending CVSS score order.

D. Evaluate service disruption and associated risk before prioritizing patches.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Refer to the exhibit.

How are tokens authenticated when the REST API on a device is accessed from a REST API client?

A. The token is obtained by providing a password. The REST API requests access to a resource using the access token, validates the access token, and gives access to the resource.

B. The token is obtained before providing a password. The REST API provides resource access, refreshes tokens, and returns them to the REST client. The REST client requests access to a resource using the access token.

C. The token is obtained by providing a password. The REST client requests access to a resource using the access token. The REST API validates the access token and gives access to the resource.

D. The token is obtained before providing a password. The REST client provides access to a resource using the access token. The REST API encrypts the access token and gives access to the resource.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

A new malware variant is discovered hidden in pirated software that is distributed on the Internet. Executives have asked for an organizational risk assessment. The security officer is given a list of all assets. According to NIST, which two elements are missing to calculate the risk assessment? (Choose two.)

A. report of staff members with asset relations

B. incident response playbooks

C. asset vulnerability assessment

D. malware analysis report

E. key assets and executives

正解：C,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

An organization installed a new application server for IP phones. An automated process fetched user credentials from the Active Directory server, and the application will have access to on-premises and cloud services. Which security threat should be mitigated first?

A. attack using default accounts

B. aligning access control policies

C. data exposure from backups

D. exfiltration during data transfer

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

Refer to the exhibit.

Where does it signify that a page will be stopped from loading when a scripting attack is detected?

A. x-test-debug

B. x-frame-options

C. x-content-type-options

D. x-xss-protection

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

A security architect in an automotive factory is working on the Cyber Security Management System and is implementing procedures and creating policies to prevent attacks. Which standard must the architect apply?

A. IEC62439-2

B. IEC62446

C. IEC62439-3

D. IEC62443

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

The SIEM tool informs a SOC team of a suspicious file. The team initializes the analysis with an automated sandbox tool, sets up a controlled laboratory to examine the malware specimen, and proceeds with behavioral analysis. What is the next step in the malware analysis process?

A. Contain the subnet in which the suspicious file was found.

B. Perform static and dynamic code analysis of the specimen.

C. Unpack the specimen and perform memory forensics.

D. Document findings and clean-up the laboratory.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

Employees report computer system crashes within the same week. An analyst is investigating one of the computers that crashed and discovers multiple shortcuts in the system's startup folder. It appears that the shortcuts redirect users to malicious URLs. What is the next step the engineer should take to investigate this case?

A. Check the audit logs

B. Identify affected systems

C. Investigate the malicious URLs

D. Remove the shortcut files

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

What is the purpose of hardening systems?

A. to identify vulnerabilities within an operating system

B. to analyze attacks to identify threat actors and points of entry

C. to create the logic that triggers alerts when anomalies occur

D. to securely configure machines to limit the attack surface

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

350-201試験無料問題集「Cisco Performing CyberOps Using Cisco Security Technologies 認定」