350-201 · Question #16
Refer to the exhibit. An engineer configured this SOAR solution workflow to identify account theft threats and privilege escalation, evaluate risk, and respond by resolving the threat. This solution i
Sign in or unlock 350-201 to reveal the answer and full explanation for question #16. The question stem and answer options stay visible for context.
Question
Refer to the exhibit. An engineer configured this SOAR solution workflow to identify account theft threats and privilege escalation, evaluate risk, and respond by resolving the threat. This solution is handling more threats than Security analysts have time to analyze. Without this analysis, the team cannot be proactive and anticipate attacks. Which action will accomplish this goal?
Exhibit
Options
- AExclude the step "BAN malicious IP" to allow analysts to conduct and track the remediation
- BInclude a step "Take a Snapshot" to capture the endpoint state to contain the threat for analysis
- CExclude the step "Check for GeoIP location" to allow analysts to analyze the location and the
- DInclude a step "Reporting" to alert the security department of threats identified by the SOAR
Unlock 350-201 to see the answer
You've previewed enough free 350-201 questions. Unlock 350-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
