350-201 Free Practice Test

A new malware variant is discovered hidden in pirated software that is distributed on the Internet. Executives have asked for an organizational risk assessment. The security officer is given a list of all assets. According to NIST, which two elements are missing to calculate the risk assessment? (Choose two.)

1. A. incident response playbooks
2. B. asset vulnerability assessment
3. C. report of staff members with asset relations
4. D. key assets and executives
5. E. malware analysis report

Correct Answer: BE

An organization is using a PKI management server and a SOAR platform to manage the certificate lifecycle. The SOAR platform queries a certificate management tool to check all endpoints for SSL certificates that have either expired or are nearing expiration. Engineers are struggling to manage problematic certificates outside of PKI management since deploying certificates and tracking them requires searching server owners manually. Which action will improve workflow automation?

1. A. Implement a new workflow within SOAR to create tickets in the incident response system, assign problematic certificate update requests to server owners, and register change requests.
2. B. Integrate a PKI solution within SOAR to create certificates within the SOAR engines to track, update, and monitor problematic certificates.
3. C. Implement a new workflow for SOAR to fetch a report of assets that are outside of the PKI zone, sort assets by certification management leads and automate alerts that updates are needed.
4. D. Integrate a SOAR solution with Active Directory to pull server owner details from the AD and send an automated email for problematic certificates requesting updates.

Correct Answer: C

An organization had several cyberattacks over the last 6 months and has tasked an engineer with looking for patterns or trends that will help the organization anticipate future attacks and mitigate them. Which data analytic technique should the engineer use to accomplish this task?

1. A. diagnostic
2. B. qualitative
3. C. predictive
4. D. statistical

Correct Answer: C

Which command does an engineer use to set read/write/execute access on a folder for everyone who reaches the resource?

1. A. chmod 666
2. B. chmod 774
3. C. chmod 775
4. D. chmod 777

Correct Answer: D

Refer to the exhibit.

What is occurring in this packet capture?

1. A. TCP port scan
2. B. TCP flood
3. C. DNS flood
4. D. DNS tunneling

Correct Answer: B