Cisco Exam 350-201 Topic 3 Question 85 Discussion

Actual exam question for Cisco's 350-201 exam

Question #: 85
Topic #: 3

Engineers are working to document, list, and discover all used applications within an organization. During the regular assessment of applications from the HR backup server, an engineer discovered an unknown application. The analysis showed that the application is communicating with external addresses on a non- secure, unencrypted channel. Information gathering revealed that the unknown application does not have an owner and is not being used by a business unit. What are the next two steps the engineers should take in this investigation? (Choose two.)

ADetermine the type of data stored on the affected asset, document the access logs, and engage the incident response team.

BIdentify who installed the application by reviewing the logs and gather a user access log from the HR department.

CVerify user credentials on the affected asset, modify passwords, and confirm available patches and updates are installed.

DInitiate a triage meeting with department leads to determine if the application is owned internally or used by any business unit and document the asset owner.

Show Suggested Answer

Suggested Answer: A, D

by Rory at Apr 24, 2024, 11:09 PM

Limited Time Offer

25%

6 months ago

Let's determine the type of data stored on the affected asset and engage the incident response team.

upvoted 0 times

Lenna

5 months ago

D) Initiate a triage meeting with department leads to determine if the application is owned internally or used by any business unit and document the asset owner.

upvoted 0 times

...

Luisa

5 months ago

A) Determine the type of data stored on the affected asset, document the access logs, and engage the incident response team.

upvoted 0 times

...