Cisco 350-201 CBRCOR Exam Questions Instant Access

Question 1

Refer to the exhibit.

A threat actor behind a single computer exploited a cloud-based application by sending multiple concurrent API requests. These requests made the application unresponsive. Which solution protects the application from being overloaded and ensures more equitable application access across the end-user community?

ALimit the number of API calls that a single client is allowed to make

BAdd restrictions on the edge router on how often a single client can access the API

CReduce the amount of data that can be fetched from the total pool of active clients that call the API

DIncrease the application cache of the total pool of active clients that call the API

Answer : A

Question 2

Refer to the exhibit.

An engineer received multiple reports from employees unable to log into systems with the error: The Group Policy Client service failed to logon -- Access is denied. Through further analysis, the engineer discovered several unexpected modifications to system settings. Which type of breach is occurring?

Amalware break

Bdata theft

Celevation of privileges

Ddenial-of-service

Answer : C

Question 3

The physical security department received a report that an unauthorized person followed an authorized individual to enter a secured premise. The incident was documented and given to a security specialist to analyze. Which step should be taken at this stage?

ADetermine the assets to which the attacker has access

BIdentify assets the attacker handled or acquired

CChange access controls to high risk assets in the enterprise

DIdentify movement of the attacker in the enterprise

Answer : D

Question 4

An engineer is moving data from NAS servers in different departments to a combined storage database so that the data can be accessed and analyzed by the organization on-demand. Which data management process is being used?

Adata clustering

Bdata regression

Cdata ingestion

Ddata obfuscation

Answer : A

Question 5

Refer to the exhibit.

An engineer must tune the Cisco IOS device to mitigate an attack that is broadcasting a large number of ICMP packets. The attack is sending the victim's spoofed source IP to a network using an IP broadcast address that causes devices in the network to respond back to the source IP address. Which action does the engineer recommend?

AUse command ip verify reverse-path interface

BUse global configuration command service tcp-keepalives-out

CUse subinterface command no ip directed-broadcast

DUse logging trap 6

Answer : A

Question 6

An API developer is improving an application code to prevent DDoS attacks. The solution needs to accommodate instances of a large number of API requests coming for legitimate purposes from trustworthy services. Which solution should be implemented?

ARestrict the number of requests based on a calculation of daily averages. If the limit is exceeded, temporarily block access from the IP address and return a 402 HTTP error code.

BImplement REST API Security Essentials solution to automatically mitigate limit exhaustion. If the limit is exceeded, temporarily block access from the service and return a 409 HTTP error code.

CIncrease a limit of replies in a given interval for each API. If the limit is exceeded, block access from the API key permanently and return a 450 HTTP error code.

DApply a limit to the number of requests in a given time interval for each API. If the rate is exceeded, block access from the API key temporarily and return a 429 HTTP error code.

Answer : D

Question 7

Refer to the exhibit.

An employee is a victim of a social engineering phone call and installs remote access software to allow an ''MS Support'' technician to check his machine for malware. The employee becomes suspicious after the remote technician requests payment in the form of gift cards. The employee has copies of multiple, unencrypted database files, over 400 MB each, on his system and is worried that the scammer copied the files off but has no proof of it. The remote technician was connected sometime between 2:00 pm and 3:00 pm over https. What should be determined regarding data loss between the employee's laptop and the remote technician's system?

ANo database files were disclosed

BThe database files were disclosed

CThe database files integrity was violated

DThe database files were intentionally corrupted, and encryption is possible

Answer : C

Cisco Performing CyberOps Using Core Security Technologies 350-201 CBRCOR Exam Questions