Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Cisco Exam 350-201 Topic 7 Question 94 Discussion

Actual exam question for Cisco's 350-201 exam
Question #: 94
Topic #: 7
[All 350-201 Questions]

Engineers are working to document, list, and discover all used applications within an organization. During the regular assessment of applications from the HR backup server, an engineer discovered an unknown application. The analysis showed that the application is communicating with external addresses on a non- secure, unencrypted channel. Information gathering revealed that the unknown application does not have an owner and is not being used by a business unit. What are the next two steps the engineers should take in this investigation? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: A, D

by Jeffrey at Aug 05, 2024, 05:43 PM

Limited Time Offer

25%

Off

Get Premium 350-201 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Ora
3 months ago
I think they should identify who installed the application by reviewing the logs and gather a user access log from the HR department.
upvoted 0 times
...
Andree
3 months ago
I believe they should verify user credentials on the affected asset and confirm available patches and updates are installed.
upvoted 0 times
...
Whitley
3 months ago
I agree with Dong. They should also initiate a triage meeting with department leads to document the asset owner.
upvoted 0 times
...
Keva
4 months ago
Haha, this sounds like a classic case of 'rogue' software on the network. I'd go with A and D, but maybe throw in a nice joke about the IT team needing a 'Where's Waldo' app to find all the mystery programs!
upvoted 0 times
Izetta
3 months ago
A) Determine the type of data stored on the affected asset, document the access logs, and engage the incident response team.
upvoted 0 times
...
Corinne
3 months ago
Haha, that's a good one! The IT team definitely needs a 'Where's Waldo' app for these mystery programs!
upvoted 0 times
...
Son
3 months ago
D) Initiate a triage meeting with department leads to determine if the application is owned internally or used by any business unit and document the asset owner.
upvoted 0 times
...
Tammara
3 months ago
A) Determine the type of data stored on the affected asset, document the access logs, and engage the incident response team.
upvoted 0 times
...
...
Dong
4 months ago
I think the engineers should determine the type of data stored on the affected asset and engage the incident response team.
upvoted 0 times
...
Una
4 months ago
This is a tough one, but I think A and D are the way to go. Securing the asset and finding the application owner should be the top priorities here.
upvoted 0 times
...
Lauran
4 months ago
I agree with Eliseo, but I also think B could be useful to identify who installed the unknown app. Reviewing the logs could give us more insights.
upvoted 0 times
Hester
3 months ago
I agree with Eliseo, but I also think B could be useful to identify who installed the unknown app. Reviewing the logs could give us more insights.
upvoted 0 times
...
Antonio
4 months ago
B) Identify who installed the application by reviewing the logs and gather a user access log from the HR department.
upvoted 0 times
...
Geoffrey
4 months ago
A) Determine the type of data stored on the affected asset, document the access logs, and engage the incident response team.
upvoted 0 times
...
...
Eliseo
4 months ago
Definitely A and D. We need to understand the data at risk and engage the incident response team, while also determining the application's ownership or usage within the organization.
upvoted 0 times
Maryann
3 months ago
D) Initiate a triage meeting with department leads to determine if the application is owned internally or used by any business unit and document the asset owner.
upvoted 0 times
...
Anastacia
4 months ago
A) Determine the type of data stored on the affected asset, document the access logs, and engage the incident response team.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77