Saturday, May 8, 2021

C_TS452_2020 SAP Certified Application Associate - SAP S/4HANA Sourcing and Procurement Exam

 

Delivery Methods: Certification
Level: Associate
Exam: 80 questions
Cut Score: 61%
Duration: 180 mins
Languages: English

Description
The "SAP Certified Application Associate - SAP S/4HANA Sourcing and Procurement" certification exam verifies that the candidate has the fundamental and core knowledge in the area of sourcing and procurement required for the consultant profile. This certificate proves that the candidate has an overall understanding and can implement the knowledge practically in projects to contribute to the success of the planning and implementation phases in a mentored role. Previous project experience is not necessarily a prerequisite to pass this exam.

Notes
To ensure success, SAP recommends combining education courses and hands-on experience to prepare for your certification exam as questions will test your ability to apply the knowledge you have gained in training.
You are not allowed to use any reference materials during the certification test (no access to online documentation or to any SAP system).

Topic Areas
Please see below the list of topics that may be covered within this certification and the courses that cover them. Its accuracy does not constitute a legitimate claim; SAP reserves the right to update the exam content (topics, items, weighting) at any time.

Procurement Processes > 12%
Describe and execute basic and specific procurement processes, e.g. standard procurement, subcontracting, self-service procurement etc.

TS450 (SAP S/4HANA 2020)
TS452 (SAP S/4HANA 2020)

----- OR -----

S4500 (SAP S/4HANA 2020)
S4520 (SAP S/4HANA 2020)
S4510 (SAP S/4HANA 2020)

Enterprise Structure and Master Data > 12%
Determine and configure organizational levels and master data for procurement processes.

TS450 (SAP S/4HANA 2020)
TS452 (SAP S/4HANA 2020)

----- OR -----

S4500 (SAP S/4HANA 2020)
S4550 (SAP S/4HANA 2020)
S4520 (SAP S/4HANA 2020)

Configuration of Purchasing > 12%
Configure settings in purchasing, e.g. document types, account assignment categories, output processing and release procedures.

TS452 (SAP S/4HANA 2020)
TS450 (SAP S/4HANA 2020)

----- OR -----

S4550 (SAP S/4HANA 2020)
S4520 (SAP S/4HANA 2020)

Inventory Management and Physical Inventory 8% - 12%

Process goods receipts, goods issues, transfer postings, and special inventory processes. Differentiate the types of physical inventory.

TS452 (SAP S/4HANA 2020)

----- OR -----

S4510 (SAP S/4HANA 2020)

Valuation and Account Assignment 8% - 12%

Understand and configure account determination and valuation.

TS452 (SAP S/4HANA 2020)

----- OR -----

S4550 (SAP S/4HANA 2020)

Invoice Verification 8% - 12%

Perform and configure invoice verification, manage variances and blocks, enter subsequent debits/credits, enter delivery costs, handle credit memos and reversals, and apply GR/IR account maintenance functions.

TS450 (SAP S/4HANA 2020)

----- OR -----

S4515 (SAP S/4HANA 2020)

Sources of Supply 8% - 12%

Articulate important elements of price determination and maintain and configure purchasing info records, central contracts, scheduling agreements, price changes.

TS450 (SAP S/4HANA 2020)

----- OR -----

S4520 (SAP S/4HANA 2020)

Purchasing Optimization 8% - 12%

Maintain source lists, apply quota arrangements, define priorities, block sources of supply, and use catalogs. Assign and process purchase requisitions and monitor order confirmations and deliveries.

TS450 (SAP S/4HANA 2020)

----- OR -----

S4520 (SAP S/4HANA 2020)

Analytics in Sourcing and Procurement < 8%

Apply embedded analytics capabilities to analyze procurement KPIs.

TS450 (SAP S/4HANA 2020)

----- OR -----

S4500 (SAP S/4HANA 2020)

Consumption-Based Planning < 8%

Explain and set up MRP. Perform a planning run using different options.

TS450 (SAP S/4HANA 2020)

----- OR -----

S4525 (SAP S/4HANA 2020)

SAP S/4HANA User Experience < 8%

Identify key capabilities of SAP Fiori UX and use the SAP Fiori Launchpad to navigate.

TS450 (SAP S/4HANA 2020)

----- OR -----

S4500 (SAP S/4HANA 2020)

General Information

Exam Preparation
All SAP consultant certifications are available as Cloud Certifications in the Certification Hub and can be booked with product code CER006. With CER006 – SAP Certification in the Cloud, you can take up to six exam attempts of your choice in one year – from wherever and whenever it suits you! Test dates can be chosen and booked individually.

Each specific certification comes with its own set of preparation tactics. We define them as "Topic Areas" and they can be found on each exam description. You can find the number of questions, the duration of the exam, what areas you will be tested on, and recommended course work and content you can reference.

Certification exams might contain unscored items that are being tested for upcoming releases of the exam. These unscored items are randomly distributed across the certification topics and are not counted towards the final score. The total number of items of an examination as advertised in the Training Shop is never exceeded when unscored items are used.

Please be aware that the professional-level certification also requires several years of practical on-the-job experience and addresses real-life scenarios.

For more information refer to our FAQs.
SAP Global Certification FAQ - Overview
SAP Global Certification FAQ - Exam Process
SAP Global Certification FAQ - Post-Exam Process

Safeguarding the Value of Certification
SAP Education has worked hard together with the Certification & Enablement Influence Council to enhance the value of certification and improve the exams. An increasing number of customers and partners are now looking towards certification as a reliable benchmark to safeguard their investments. Unfortunately, the increased demand for certification has brought with it a growing number of people who try to attain SAP certification through unfair means. This ongoing issue has prompted SAP Education to place a new focus on test security. Please take a look at our post to understand what you can do to help to protect the credibility of your certification status.

Our Certification Test Security Guidelines will help you as test taker to understand the testing experience.

QUESTION 1
Which of the following is an end-to-end solution in Streamlined Procure to Pay?

A. Operational Procurement
B. Supplier Evaluation
C. Purchase Order Processing
D. Invoice Processing

Correct Answer: A

QUESTION 2
What are benefits of self-service requisitioning? (Choose two.)

A. Increased no-touch rate for purchase orders
B. Decreased number of purchase contracts
C. Integrated update function for material master data
D. Reduced procurement costs

Correct Answer: AD

QUESTION 3
Which of these are layers in SAP Best Practice content? (Choose three.)

A. Solution packages
B. Scope items
C. Building blocks
D. Configuration guides
E. Process diagrams

Correct Answer: ABC

Actualkey SAP C_TS452_2020 Exam pdf, Certkingdom SAP C_TS452_2020 PDF

MCTS Training, MCITP Training

Best SAP C_TS452_2020 Certification, SAP C_TS452_2020 Training at certkingdom.com

Monday, March 1, 2021

312-39 Certified SOC Analyst (CSA) Exam

 

Overview
On this accelerated EC-Council Certified SOC Analyst (CSA) course, you'll learn to identify, monitor and analyse cyber-attacks, and use the information to quickly respond to security incidents.

In just 2 days, you'll build the skill-set you need to work effectively within a security operations centre (SOC). You'll also learn about security information and event management (SIEM), deployment and architecture.

At the end of your course, you'll sit Exam 312-39 and return to the office an EC-Council Certified SOC Analyst (CSA).

On this accelerated course, you'll learn how to:
Recognise attacker tools, behaviours and procedures
Use the Centralised Log Management (CLM) process
Make use of constantly changing threat information

If you're an aspiring SOC analyst or already are one at a Tier 1 and Tier 2 level, this course is ideal for you.

This course is also designed for security professionals who handle and manage network security operations, like network and security administrators or engineers, or network security operators.

You’ll train at twice the speed with Firebrand's unique Lecture | Lab | Review methodology. Learn in a distraction-free environment and become an EC-Council Certified SOC Analyst (CSA) in just 2 days.

Seven reasons why you should sit your course with Firebrand Training
Two options of training. Choose between residential classroom-based, or online EC-Council CSA courses
You'll be EC-Council CSA certified in just 2 days. With us, you’ll be EC-Council CSA trained in record time
Our EC-Council CSA course is all-inclusive. A one-off fee covers all course materials, exams, accommodation and meals. No hidden extras
Pass EC-Council CSA first time or train again for free. This is our guarantee. We’re confident you’ll pass your course first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
You’ll learn more. A day with a traditional training provider generally runs from 9am – 5pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day quality learning time, with your instructor
You’ll learn EC-Council CSA faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
You’ll be studying EC-Council CSA with the best. We’ve been named in Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified 101358 professionals, and we’re partners with all of the big names in the business

Think you are ready for the course? Take a FREE practice test to assess your knowledge!

Benefits of Training with Firebrand
Two options of training - Residential classroom-based, or online courses
A purpose-built training centre – get access to dedicated Pearson VUE Select facilities
Certification Guarantee – pass first time or train again free (just pay for accommodation, exams and incidental costs)
Everything you need to certify – you’ll sit your exam at the earliest available opportunity after the course - either immediately after your classroom course, or as soon as there are slots available, if you've taken it online
No hidden extras – one cost covers everything you need to certify

Curriculum
Module 1: Security operations and management

Understand the SOC Fundamentals
Discuss the components of SOC: People, processes and technology
Understand the implementation of SOC

Module 2: Understanding cyber threats, IoCs, and attack methodology
2.1 Describe the term cyber threats and attacks
2.2 Understand the Network Level attacks
2.3 Understand the Host Level attacks
2.4 Understand the Application Level attacks
2.5 Understand the Indicators of Compromise (IoCs)
2.6 Discuss the attacker’s Hacking Methodology

Module 3: Incidents, events and logging
3.1 Understand the fundamentals of incidents, events, and logging
3.2 Explain the concepts of local logging
3.3 Explain the concepts of centralised logging

Module 4: Incident detection with Security Information and Event Management (SIEM)

4.1 Understand the basic concepts of Security Information and Event Management (SIEM)
4.2 Discuss the different SIEM Solutions
4.3 Understand the SIEM Deployment
4.4 Learn different use case examples for Application Level Incident Detection
4.5 Learn different use case examples for Insider Incident Detection
4.6 Learn different use case examples for Network Level Incident Detection
4.7 Learn different use case examples for Host Level Incident Detection
4.8 Learn different use case examples for Compliance
4.9 Understand the concept of handling alert triaging and analysis

Module 5: Enhanced incident detection with threat intelligence
5.1 Learn fundamental concepts on threat intelligence
5.2 Learn different types of threat intelligence
5.3 Understand how threat intelligence strategy is developed
5.4 Learn different threat intelligence sources from which intelligence can be obtained
5.5 Learn about different Threat Intelligence Platforms (TIPs)
5.6 Understand the need for a threat intelligence-driven SOC

Module 6: Incident response
6.1 Understand the fundamental concepts of incident response
6.2 Learn various phases in Incident Response Process
6.3 Learn how to respond to Network Security Incidents
6.4 Learn how to respond to Application Security Incidents
6.5 Learn how to respond to Email Security Incidents
6.6 Learn how to respond to Insider Incidents
6.7 Learn how to respond to Malware Incidents

Exam Track
You'll sit the following exam at the Firebrand Training centre, covered by your Certification Guarantee:

EC-Council Certified SOC Analyst (CSA) - Exam 312-39
Exam format: Multiple-choice
Exam duration: 120 minutes
Number of questions: 100
Passing score: 70%
Language: English
Domains:
1: Security operations and management (5%)
2: Understanding cyber threats, IoCs, and attack methodology (11%)
3: Incidents, events and logging (21%)
4: Incident detection with Security Information and Event Management (SIEM) (26%)
5: Enhanced incident detection with threat intelligence (8%)
6: Incident response (29%)

What's Included

Your accelerated course includes:
Accommodation *
Meals, unlimited snacks, beverages, tea and coffee *
On-site exams **
Exam vouchers **
Practice tests **
Certification Guarantee ***
Courseware
Up-to 12 hours of instructor-led training each day
24-hour lab access
Digital courseware **

QUESTION 1
Bonney's system has been compromised by a gruesome malware.
What is the primary step that is advisable to Bonney in order to contain the malware incident from spreading?

A. Complaint to police in a formal way regarding the incident
B. Turn off the infected machine
C. Leave it to the network administrators to handle
D. Call the legal department in the organization and inform about the incident

Correct Answer: B

QUESTION 2
According to the forensics investigation process, what is the next step carried out right after collecting the evidence?

A. Create a Chain of Custody Document
B. Send it to the nearby police station
C. Set a Forensic lab
D. Call Organizational Disciplinary Team

Correct Answer: A

QUESTION 3
Which one of the following is the correct flow for Setting Up a Computer Forensics Lab?

A. Planning and budgeting –> Physical location and structural design considerations –> Work area considerations –> Human resource considerations –> Physical security recommendations –> Forensics lab licensing

B. Planning and budgeting –> Physical location and structural design considerations –> Forensics lab licensing –> Human resource considerations –> Work area considerations –> Physical security recommendations

C. Planning and budgeting –> Forensics lab licensing –> Physical location and structural design considerations –> Work area considerations –> Physical security recommendations –> Human resource considerations

D. Planning and budgeting –> Physical location and structural design considerations –> Forensics lab licensing –> Work area considerations –> Human resource considerations –> Physical security recommendations

Correct Answer: A

QUESTION 4
Which of the following directory will contain logs related to printer access?

A. /var/log/cups/Printer_log file
B. /var/log/cups/access_log file
C. /var/log/cups/accesslog file
D. /var/log/cups/Printeraccess_log file

Correct Answer: A


Saturday, January 23, 2021

PCS Pulse Connect Secure (PCS): Administration and Configuration Exam

 

Pulse Connect Secure (PCS): Administration and Configuration

Certification Description
Be recognized for your technical expertise and highly specialized technical skills. Show your employer that you have a strong capacity to make a greater contribution to your organization as well as being a trusted resource for Pulse Connect Secure (PCS) Administration and Configuration questions. Achieving Certified Technical Expert status will raise your profile and allow for career growth opportunities.

Target Audience
Network Engineers
Enterprise System Architect
Technical Support Specialists
Implementation Consultants

Prerequisites
Admin Guide
Instructor Led Training (4 Days): Pulse Connect Secure (PCS): Administration and Configuration

Topics Covered:
Initial Configuration
PCS Technology and Terminology
User Roles
Basic Logging and Troubleshooting
Resource Policies and Profiles
Authentication
Advanced Authentication Options
Certificates
Client and Server Applications
Pulse Secure Client
License Server Client Deployment
Endpoint Security
Administration
Virtualization
Clustering
Cloud Secure

QUESTION 1
To successfully connect to PCS, local authentication users:

A. Submit a username and password that matches a Microsoft Active Directory server.
B. Submit a digital certificate that matches a defined Certificate Authority.
C. Submit a username and password that matches a PCS database.
D. Submit a time-based, one-time password from their RSA SecurID software.

Correct Answer: A

QUESTION 2
To successfully connect to PCS, remote authentication users can: (Choose three.)

A. Submit a username and password that matches a Microsoft Active Directory server.
B. Submit a digital certificate that matches a defined Certificate Authority.
C. Submit a username and password that matches a SQL database.
D. Submit a time-based, one-time password from their RSA SecurID software.

Correct Answer: ABC

QUESTION 3
Which user role is configured by default?

A. Users
B. Partners
C. Read Only Administrators
D. Contractors

Correct Answer: A

QUESTION 4
True or False: When defining a User Role an administrator can restrict access to a role based on the type of browser the user is utilizing to attempt access.

A. true
B. false

Correct Answer: A

QUESTION 5
Which settings can be changed under User Role? (Choose two.)

A. Sessions Options
B. UI Options
C. Authentication Server
D. Policy Server

Correct Answer: AB


Wednesday, January 20, 2021

1z0-1054-20 Oracle Financials Cloud: General Ledger 2020 Implementation Essentials Exam

 

Earn associated certifications
Passing this exam is required to earn these certifications. Select each certification title below to view full requirements.

Oracle Financials Cloud: General Ledger 2020 Certified Implementation Specialist
Format: Multiple Choice
Duration: 85 Minutes
Exam Price: Rs.36,887
Number of Questions: 55
Passing Score: 60%
Validation: This exam has been validated against 20D.
Policy: Cloud Recertification
Take recommended training
Complete one of the courses below to prepare for your exam (optional):
From learning path: Oracle Financials Cloud: General Ledger 2020 Certified Implementation Specialist
In the subscription: Oracle Financials Cloud Learning Subscription

Additional Preparation and Information
A combination of Oracle training and hands-on experience (attained via labs and/or field experience) provides the best preparation for passing the exam.

Review exam topics
Note:
Cloud technology is ever-evolving. Oracle updates exam content regularly, to align with product updates and certification standards. Check exam topics before sitting for your exam to ensure that you are prepared for any updated content.

Enterprise Structures
Configure the Chart of Accounts
Explain Essbase
Set up accounting hierarchies
Set up the accounting calendar
Configure Chart of Accounts Security
Configure the legal entity structure and define the relationship to the Chart of Accounts
Configure Ledgers

Journal Processing
Process journal entries
Configure automated journal processing
Explain the journal approval set up
Configure allocations and periodic entries
Explain the secondary ledger and reporting currencies

Subledger Accounting
Create and manage Accounting Rules
Create and process subledger accounting entries
Explain the journal description rules
Identify supporting references

Intercompany Processing
Design the Chart of Accounts and segment level rules for intercompany
Set up Intercompany Accounting (system options, transaction types, organizations)
Describe intercompany balancing
Process intercompany transactions and periods
Process intercompany reconciliations

Reporting & Analytics
Explain how to design and use various reporting tools
Set up the Financials Reporting Studio
Explain OTBI and GL Subject Areas
Describe Smart View accounting inquiry and analysis
Describe the General Accounting Dashboard and Work Areas
Analyze budgets versus actuals

Period Close
Explain the Close Process
Configure and process revaluations
Configure and process translations
Configure and process consolidations
Analyze reconciliations
Close monitor

Budgetary Control and Encumbrance
Configure and Process Budgets
Explain how to analyze and monitor Budget Consumption
Configure Encumbrance Accounting
Process Encumbrance Journals


JN0-663 Service Provider Routing and Switching, Professional (JNCIP-SP) Exam

 

A great way to start the Juniper Networks Certified Professional Service Provider Routing and Switching (JNCIP-SP) preparation is to begin by properly appreciating the role that syllabus and study guide play in the Juniper JN0-663 certification exam. This study guide is an instrument to get you on the same page with Juniper and understand the nature of the Juniper JNCIP Service Provider exam.

Our team of experts has composed this Juniper JN0-663 exam preparation guide to provide an overview of the Juniper Service Provider Routing and Switching Professional exam, study material, sample questions, practice exam and ways to interpret the exam objectives, to help you assess your readiness for the Juniper JNCIP-SP exam by identifying prerequisite areas of knowledge. We recommend that you refer to the simulation questions and practice test listed in this guide to determine what type of questions will be asked and the level of difficulty that could be tested in the Juniper JNCIP Service Provider certification exam.

Juniper JN0-663 Exam Overview:
Exam Name: Service Provider Routing and Switching Professional
Exam Number: JN0-663 JNCIP-SP
Duration: 120 minutes
Number of Questions: 65
Passing Score: Pass / Fail (60-70% Approx.)
Recommended Training: Advanced Junos Service Provider Routing (AJSPR); Junos Layer 2 VPNs (JL2V); Junos Layer 3 VPNs (JL3V)
Exam Registration: PEARSON VUE
Practice Exam: Juniper Networks Certified Professional Service Provider Routing and Switching Practice Test

Juniper JN0-663 Exam Topics:

Section Objectives
OSPF
Describe the concepts, operation, or functionality of OSPFv2 or OSPFv3

OSPF area types and operations
LSA flooding through an OSPF multi-area network
DR/BDR operation
SPF algorithm
Metrics, including external metric types
Summarize and restrict routes
Virtual links
OSPFv2 versus OSPFv3

Given a scenario, demonstrate knowledge of how to configure or monitor single-area or multi-area OSPF
Implement OSPF routing policy

IS-IS
Describe the concepts, operation, or functionality of IS-IS
IS-IS areas/levels and operations
LSP flooding through an IS-IS multi-area network
DIS operation
SPF algorithm
Metrics, including wide metrics
Route summarization and route leaking

Given a scenario, demonstrate knowledge of how to configure or monitor single-area or multi-area IS-IS
Implement IS-IS routing policy

BGP
Describe the concepts, operation, or functionality of BGP
BGP route selection process
Next hop resolution
BGP attributes: concept and operation
BGP communities
Regular expressions
Multipath
Multihop
Load balancing
Advanced BGP options
BGP route damping
FlowSpec
Multiprotocol BGP

Describe the concepts, operation, or functionality of BGP scaling mechanisms
Route reflection

Given a scenario, demonstrate knowledge of how to configure or monitor BGP
Implement BGP routing policy

Class of Service (CoS)
Describe the concepts, operation, or functionality of Junos CoS
CoS processing on Junos devices
CoS header fields
Forwarding classes
Classification
Packet loss priority
Policers
Schedulers
Drop profiles
Rewrite rules

Given a scenario, demonstrate knowledge of how to configure or monitor CoS

IP Multicast
Describe the concepts, operation, or functionality of IP multicast
Components of IP multicast, including multicast addressing
IP multicast traffic flow
Any-Source Multicast (ASM) versus Source-Specific Multicast (SSM)
RPF: concept and operation
IGMP
PIM dense-mode and sparse-mode
Rendezvous point (RP): concept, operation, discovery, and election
SSM: requirements, benefits, address ranges
Anycast RP

Given a scenario, demonstrate knowledge of how to configure or monitor IGMP, PIM-DM, or PIM-SM (including SSM)
Implement IP multicast routing policy

Layer 3 VPNs
Describe the concepts, operation, or functionality of Layer 3 VPNs
Traffic flow: control and data planes
Full mesh versus hub-and-spoke topology
VPN-IPv4 addressing
Route distinguishers
Route targets
Route distribution
Site of origin
Sham links
vrf-table-label
Next-generation MVPNs
Flow of control and data traffic in an MVPN
Layer 3 VPN scaling
IPv6 Layer 3 VPNs
Layer 3 VPN Internet access options

Given a scenario, demonstrate knowledge of how to configure or monitor the components of Layer 3 VPNs

Describe Junos support for carrier-of-carriers or interprovider VPN models

Layer 2 VPNs
Describe the concepts, operation, or functionality of BGP Layer 2 VPNs
Traffic flow: control and data planes
Forwarding tables
Connection mapping
Layer 2 VPN NLRI
Route distinguishers
Route targets
Layer 2 VPN scaling

Describe the concepts, operation, or functionality of LDP Layer 2 circuits
Traffic flow: control and data planes
Virtual circuit label
AutoDiscovery
Layer 2 interworking

Describe the concepts, operation, or functionality of VPLS
Traffic flow: control and data planes
BGP VPLS label distribution
LDP VPLS label distribution
Route targets
VPLS Multihoming
Site IDs

Describe the concepts, operation, or functionality of EVPN
Traffic flow: control and data planes
MAC learning and distribution
EVPN Multihoming
BGP EVPN label distribution

Given a scenario, demonstrate knowledge of how to configure, monitor, or troubleshoot Layer 2 VPNs
BGP Layer 2 VPNs
LDP Layer 2 circuits
EVPNs
VPLS

Juniper JNCIP-SP Exam Description:
Designed for experienced networking professionals with advanced knowledge of the Juniper Networks Junos OS, this written exam verifies the candidate’s understanding of advanced routing technologies and related platform configuration and troubleshooting skills.


Friday, January 15, 2021

350-201 Performing CyberOps Using Core Security Technologies (CBRCOR) Exam

 

350-201 CBRCOR
Certification: Cisco Certified CyberOps Professional, Cisco Certified CyberOps Specialist – CyberOps Core
Duration: 120 minutes
Available languages: English

Exam overview
This exam tests your knowledge and skills related to core cybersecurity operations, including:
Fundamentals
Techniques
Processes
Automation


Exam Description:
Performing CyberOps Using Cisco Security Technologies v1.0 (CBRCOR 350-201) is a 120-minute exam that is associated with the Cisco CyberOps Professional Certification. This exam tests a candidate's knowledge of core cybersecurity operations including cybersecurity fundamentals, techniques, processes, and automation. The course Performing CyberOps Using Cisco Security Technologies helps candidates to prepare for this exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

20% 1.0 Fundamentals
1.1 Interpret the components within a playbook
1.2 Determine the tools needed based on a playbook scenario
1.3 Apply the playbook for a common scenario (for example, unauthorized elevation of privilege, DoS and DDoS, website defacement)
1.4 Infer the industry for various compliance standards (for example, PCI, FISMA, FedRAMP, SOC, SOX, PCI, GDPR, Data Privacy, and ISO 27101)
1.5 Describe the concepts and limitations of cyber risk insurance
1.6 Analyze elements of a risk analysis (combination asset, vulnerability, and threat)
1.7 Apply the incident response workflow
1.8 Describe characteristics and areas of improvement using common incident response metrics
1.9 Describe types of cloud environments (for example, IaaS platform)
1.10 Compare security operations considerations of cloud platforms (for example, IaaS, PaaS)

30% 2.0 Techniques
2.1 Recommend data analytic techniques to meet specific needs or answer specific questions
2.2 Describe the use of hardening machine images for deployment
2.3 Describe the process of evaluating the security posture of an asset
2.4 Evaluate the security controls of an environment, diagnose gaps, and recommend improvement
2.5 Determine resources for industry standards and recommendations for hardening of systems
2.6 Determine patching recommendations, given a scenario
2.7 Recommend services to disable, given a scenario
2.8 Apply segmentation to a network
2.9 Utilize network controls for network hardening
2.10 Determine SecDevOps recommendations (implications)
2.11 Describe use and concepts related to using a Threat Intelligence Platform (TIP) to automate intelligence
2.12 Apply threat intelligence using tools
2.13 Apply the concepts of data loss, data leakage, data in motion, data in use, and data at rest based on common standards
2.14 Describe the different mechanisms to detect and enforce data loss prevention techniques
2.14.a host-based
2.14.b network-based
2.14.c application-based
2.14.d cloud-based
2.15 Recommend tuning or adapting devices and software across rules, filters, and policies
2.16 Describe the concepts of security data management
2.17 Describe use and concepts of tools for security data analytics
2.18 Recommend workflow from the described issue through escalation and the automation needed for resolution
2.19 Apply dashboard data to communicate with technical, leadership, or executive stakeholders
2.20 Analyze anomalous user and entity behavior (UEBA)
2.21 Determine the next action based on user behavior alerts
2.22 Describe tools and their limitations for network analysis (for example, packet capture tools, traffic analysis tools, network log analysis tools)
2.23 Evaluate artifacts and streams in a packet capture file
2.24 Troubleshoot existing detection rules
2.25 Determine the tactics, techniques, and procedures (TTPs) from an attack

30% 3.0 Processes
3.1 Prioritize components in a threat model
3.2 Determine the steps to investigate the common types of cases
3.3 Apply the concepts and sequence of steps in the malware analysis process:
3.3.a Extract and identify samples for analysis (for example, from packet capture or packet analysis tools)
3.3.b Perform reverse engineering
3.3.c Perform dynamic malware analysis using a sandbox environment
3.3.d Identify the need for additional static malware analysis
3.3.e Perform static malware analysis
3.3.f Summarize and share results
3.4 Interpret the sequence of events during an attack based on analysis of traffic patterns
3.5 Determine the steps to investigate potential endpoint intrusion across a variety of platform types (for example, desktop, laptop, IoT, mobile devices)
3.6 Determine known Indicators of Compromise (IOCs) and Indicators of Attack (IOAs), given a scenario
3.7 Determine IOCs in a sandbox environment (includes generating complex indicators)
3.8 Determine the steps to investigate potential data loss from a variety of vectors of modality (for example, cloud, endpoint, server, databases, application), given a scenario
3.9 Recommend the general mitigation steps to address vulnerability issues
3.10 Recommend the next steps for vulnerability triage and risk analysis using industry scoring systems (for example, CVSS) and other techniques

20% 4.0 Automation
4.1 Compare concepts, platforms, and mechanisms of orchestration and automation
4.2 Interpret basic scripts (for example, Python)
4.3 Modify a provided script to automate a security operations task
4.4 Recognize common data formats (for example, JSON, HTML, CSV, XML)
4.5 Determine opportunities for automation and orchestration
4.6 Determine the constraints when consuming APIs (for example, rate limited, timeouts, and payload)
4.7 Explain the common HTTP response codes associated with REST APIs
4.8 Evaluate the parts of an HTTP response (response code, headers, body)
4.9 Interpret API authentication mechanisms: basic, custom token, and API keys
4.10 Utilize Bash commands (file management, directory navigation, and environmental variables)
4.11 Describe components of a CI/CD pipeline
4.12 Apply the principles of DevOps practices
4.13 Describe the principles of Infrastructure as Code

QUESTION 1
A threat actor attacked an organization’s Active Directory server from a remote location, and in a thirty-minute
timeframe, stole the password for the administrator account and attempted to access 3 company servers. The
threat actor successfully accessed the first server that contained sales data, but no files were downloaded. A
second server was also accessed that contained marketing information and 11 files were downloaded. When
the threat actor accessed the third server that contained corporate financial data, the session was
disconnected, and the administrator’s account was disabled. Which activity triggered the behavior analytics tool?

A. accessing the Active Directory server
B. accessing the server with financial data
C. accessing multiple servers
D. downloading more than 10 files

Correct Answer: C

QUESTION 2
The physical security department received a report that an unauthorized person followed an authorized
individual to enter a secured premises. The incident was documented and given to a security specialist to
analyze. Which step should be taken at this stage?

A. Determine the assets to which the attacker has access
B. Identify assets the attacker handled or acquired
C. Change access controls to high risk assets in the enterprise
D. Identify movement of the attacker in the enterprise

Correct Answer: D

QUESTION 2
A new malware variant is discovered hidden in pirated software that is distributed on the Internet. Executives
have asked for an organizational risk assessment. The security officer is given a list of all assets. According to
NIST, which two elements are missing to calculate the risk assessment? (Choose two.)

A. incident response playbooks
B. asset vulnerability assessment
C. report of staff members with asset relations
D. key assets and executives
E. malware analysis report

Correct Answer: BE

QUESTION 3
According to GDPR, what should be done with data to ensure its confidentiality, integrity, and availability?

A. Perform a vulnerability assessment
B. Conduct a data protection impact assessment
C. Conduct penetration testing
D. Perform awareness testing

Correct Answer: B
