Exam 350-201 topic 1 question 108 discussion

Actual exam question from Cisco's 350-201
Question #: 108
Topic #: 1

An engineer received an incident ticket of a malware outbreak and used antivirus and malware removal tools to eradicate the threat. The engineer notices that abnormal processes are still occurring in the system and determines that manual intervention is needed to clean the infected host and restore functionality. What is the next step the engineer should take to complete this playbook step?

  • A. Scan the network to identify unknown assets and the asset owners.
  • B. Analyze the components of the infected hosts and associated business services.
  • C. Scan the host with updated signatures and remove temporary containment.
  • D. Analyze the impact of the malware and contain the artifacts.
Suggested Answer: D

Comments

marceus
2 months, 3 weeks ago
Selected Answer: D
ChatGPT: The next step should be to analyze the impact of the malware and contain the artifacts to ensure the system is completely secure before proceeding with further remediation steps.
upvoted 1 times
...
27ea763
3 months, 1 week ago
Selected Answer: C
No idea. Will choose C based on others' comments.
upvoted 1 times
...
TrainingTeam
6 months, 2 weeks ago
Selected Answer: B
After using antivirus and malware removal tools, if abnormal processes are still occurring, the engineer should analyze the components of the infected hosts and their associated business services. This step is crucial to understand the scope of the infection, determine how the malware is affecting the system, and identify any changes made by the malware. This analysis will help in planning the subsequent steps for cleaning the infected host and restoring its functionality.
upvoted 1 times
...
ak_technonet
1 year, 11 months ago
Selected Answer: C
The question mentions to restore function.
upvoted 2 times
...
DrVoIP
2 years, 2 months ago
C. Scan the host with updated signatures and remove temporary containment. - ChatGPT
upvoted 2 times
...
ETSec
2 years, 3 months ago
Selected Answer: B
B. Analyze the components of the infected hosts and associated business services. This step is important to ensure that all aspects of the infected host, including any dependent services or applications, are fully identified and understood so that appropriate actions can be taken to restore functionality and prevent future infections.
upvoted 1 times
...
Medjai89
2 years, 4 months ago
The next step is C. https://board.flexibleir.com/b/mn5OChoMqV9PxP0Ka/1
upvoted 3 times
...
Bobster02
3 years, 5 months ago
Selected Answer: D
D. Analyze the impact of the malware and contain the artifacts.
upvoted 2 times
...
Community vote distribution: A (35%), C (25%), B (20%), Other