Cisco
350-201 · Question #133
350-201 Question #133: Real Exam Question with Answer & Explanation
Sign in or unlock 350-201 to reveal the answer and full explanation for question #133. The question stem and answer options stay visible for context.
Automation
Question
A SOC team receives multiple alerts by a rule that detects requests to malicious URLs and informs the incident response team to block the malicious URLs requested on the firewall. Which action will improve the effectiveness of the process?
Options
- ABlock local to remote HTTP/HTTPS requests on the firewall for users who triggered the rule.
- BInform the user by enabling an automated email response when the rule is triggered.
- CInform the incident response team by enabling an automated email response when the rule is
- DCreate an automation script for blocking URLs on the firewall when the rule is triggered.
Unlock 350-201 to see the answer
You've previewed enough free 350-201 questions. Unlock 350-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#SOAR automation#firewall automation#URL blocking#incident automation