Performing CyberOps Using Cisco Security Technologies (CBRCOR) — Question 66

An analyst received multiple alerts on the SIEM console of users that are navigating to malicious URLs. The analyst needs to automate the task of receiving alerts and processing the data for further investigations. Three variables are available from the SIEM console to include in an automation script: console_ip, api_token, and reference_set_name. What must be added to this script to receive a successful HTTP response?
#!/usr/bin/python
import sys
import requests

Answer options

• A. {1}, {2}
• B. {1}, {3}
• C. console_ip, api_token
• D. console_ip, reference_set_name

Correct answer: C

Explanation

The correct answer is C, as both console_ip and api_token are necessary for authentication and establishing a connection with the SIEM API to receive a valid HTTP response. Options A and B include irrelevant variables that do not contribute to the successful HTTP request, and option D lacks the essential api_token needed for authentication.