
CyberOps Professional 350-201 Passing Score

Page: 10 / 10
Question 40

An engineer received an incident ticket of a malware outbreak and used antivirus and malware removal tools to eradicate the threat. The engineer notices that abnormal processes are still occurring in the system and determines that manual intervention is needed to clean the infected host and restore functionality. What is the next step the engineer should take to complete this playbook step?

Options:

A. Scan the network to identify unknown assets and the asset owners.
B. Analyze the components of the infected hosts and associated business services.
C. Scan the host with updated signatures and remove temporary containment.
D. Analyze the impact of the malware and contain the artifacts.

Question 41

A Mac laptop user notices that several files have disappeared from their laptop documents folder. While looking for the files, the user notices that the browser history was recently cleared. The user raises a case, and an analyst reviews the network usage and discovers that it is abnormally high. Which step should be taken to continue the investigation?

Options:

A. Run the sudo sysdiagnose command
B. Run the sh command
C. Run the w command
D. Run the who command

Exam Code: 350-201
Exam Name: Performing CyberOps Using Core Security Technologies (CBRCOR)
Last Update: Nov 23, 2024
Questions: 139