Implementing Automation for Cisco Security Solutions (SAUTO) — Question 41

Which API is used to query if the domain "example.com" has been flagged as malicious by the Cisco Security Labs team?

Answer options

• A. https://s-platform.api.opendns.com/1.0/events?example.com
• B. https://investigate.api.umbrella.com/domains/categorization/example.com
• C. https://investigate.api.umbrella.com/domains/volume/example.com
• D. https://s-platform.api.opendns.com/1.0/domains?example.com

Correct answer: B

Explanation

The correct answer is B because it specifically targets the categorization of the domain, which includes malicious flags. Options A and D are related to events and general domain queries but do not provide categorization information, while option C focuses on volume data, which is not relevant to malicious activity.