Cisco Exam 350-201 Topic 10 Question 42 Discussion

Actual exam question for Cisco's 350-201 exam

Question #: 42
Topic #: 10

A SOC engineer discovers that the organization had three DDOS attacks overnight. Four servers are reported offline, even though the hardware seems to be working as expected. One of the offline servers is affecting the pay system reporting times. Three employees, including executive management, have reported ransomware on their laptops. Which steps help the engineer understand a comprehensive overview of the incident?

ARun and evaluate a full packet capture on the workloads, review SIEM logs, and define a root cause.

BRun and evaluate a full packet capture on the workloads, review SIEM logs, and plan mitigation steps.

CCheck SOAR to learn what the security systems are reporting about the overnight events, research the attacks, and plan mitigation step.

DCheck SOAR to know what the security systems are reporting about the overnight events, review the threat vectors, and define a root cause.

Show Suggested Answer

Suggested Answer: D

by Melodie at May 09, 2022, 02:38 PM

Limited Time Offer

25%

Off

Get Premium 350-201 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!