Free Performing CyberOps Using Core Security Technologies (CBRCOR) Exam 350-201 Exam Practice Test

Page: 1 / 28
Total Questions: 139
  • An engineer is developing an application that requires frequent updates to close feedback loops and enable teams to quickly apply patches. The team wants their code updates to get to market as often as possible. Which software development approach should be used to accomplish these goals?
    A. continuous delivery
    B. continuous integration
    C. continuous deployment
    D. continuous monitoring

    Answer: A
  • What is a principle of Infrastructure as Code?
    A. System maintenance is delegated to software systems
    B. Comprehensive initial designs support robust systems
    C. Scripts and manual configurations work together to ensure repeatable routines
    D. System downtime is grouped and scheduled across the infrastructure

    Answer: B
  • A company launched an e-commerce website with multiple points of sale through internal and external e-stores. Customers access the stores from the public website, and employees access the stores from the intranet with an SSO. Which action is needed to comply with PCI standards for hardening the systems?
    A. Mask PAN numbers
    B. Encrypt personal data
    C. Encrypt access
    D. Mask sales details

    Answer: B
  • An engineer has created a bash script to automate a complicated process. During script execution, this error occurs: permission denied. Which command must be added to execute this script?
    A. chmod +x ex.sh
    B. source ex.sh
    C. chroot ex.sh
    D. sh ex.sh

    Answer: A
  • An analyst wants to upload an infected file containing sensitive information to a hybrid-analysis sandbox. According to the NIST.SP 800-150 guide to cyber threat information sharing, what is the analyst required to do before uploading the file to safeguard privacy?
    A. Verify hash integrity.
    B. Remove all personally identifiable information.
    C. Ensure the online sandbox is GDPR compliant.
    D. Lock the file to prevent unauthorized access.

    Answer: B
  • Which command does an engineer use to set read/write/execute access on a folder for everyone who reaches the resource?
    A. chmod 666
    B. chmod 774
    C. chmod 775
    D. chmod 777

    Answer: D
  • A Mac laptop user notices that several files have disappeared from their laptop documents folder. While looking for the files, the user notices that the browser history was recently cleared. The user raises a case, and an analyst reviews the network usage and discovers that it is abnormally high. Which step should be taken to continue the investigation?
    A. Run the sudo sysdiagnose command
    B. Run the sh command
    C. Run the w command
    D. Run the who command

    Answer: A
  • An organization is using a PKI management server and a SOAR platform to manage the certificate lifecycle. The SOAR platform queries a certificate management tool to check all endpoints for SSL certificates that have either expired or are nearing expiration. Engineers are struggling to manage problematic certificates outside of PKI management since deploying certificates and tracking them requires searching server owners manually. Which action will improve workflow automation?
    A. Implement a new workflow within SOAR to create tickets in the incident response system, assign problematic certificate update requests to server owners, and register change requests.
    B. Integrate a PKI solution within SOAR to create certificates within the SOAR engines to track, update, and monitor problematic certificates.
    C. Implement a new workflow for SOAR to fetch a report of assets that are outside of the PKI zone, sort assets by certification management leads and automate alerts that updates are needed.
    D. Integrate a SOAR solution with Active Directory to pull server owner details from the AD and send an automated email for problematic certificates requesting updates.

    Answer: C
  • A security expert is investigating a breach that resulted in a $32 million loss from customer accounts. Hackers were able to steal API keys and two-factor codes due to a vulnerability that was introduced in new code a few weeks before the attack. Which step was missed that would have prevented this breach?
    A. use of the Nmap tool to identify the vulnerability when the new code was deployed
    B. implementation of a firewall and intrusion detection system
    C. implementation of an endpoint protection system
    D. use of SecDevOps to detect the vulnerability during development

    Answer: D
  • A SOC analyst is investigating a recent email delivered to a high-value user for a customer whose network their organization monitors. The email includes a suspicious attachment titled "Invoice RE: 0004489". The hash of the file is gathered from the Cisco Email Security Appliance. After searching Open Source Intelligence, no available history of this hash is found anywhere on the web. What is the next step in analyzing this attachment to allow the analyst to gather indicators of compromise?
    A. Run and analyze the DLP Incident Summary Report from the Email Security Appliance
    B. Ask the company to execute the payload for real time analysis
    C. Investigate further in open source repositories using YARA to find matches
    D. Obtain a copy of the file for detonation in a sandbox

    Answer: D