Free 350-201 Exam Questions - Easiest Way for Success

Prepare for the Cisco 350-201 exam questions with our authentic preparation materials, including free 350-201 practice exam questions and answers. TheExamsLab provides all the support you need to succeed in the Performing CyberOps Using Cisco Security Technologies 350-201 exam. This dedication to student success is why we have the most satisfied 350-201 certification exam candidates worldwide.

Page: 1 / 28

Total 140 Questions | Updated On: Sep 11, 2024

Add To Cart

Question 1

An organization suffered a security breach in which the attacker exploited a Netlogon Remote Protocol vulnerability for further privilege escalation. Which two actions should the incident response team take to

prevent this type of attack from reoccurring? (Choose two.)

A : Implement a patch management process.

B : Scan the company server files for known viruses.

C : Apply existing patches to the company servers.

D : Automate antivirus scans of the company servers.

E : Define roles and responsibilities in the incident response playbook.

Answer: A,D

Question 2

Refer to the exhibit.

Two types of clients are accessing the front ends and the core database that manages transactions, access control, and atomicity. What is the threat model for the SQL database?

A : An attacker can initiate a DoS attack.

B : An attacker can read or change data.

C : An attacker can transfer data to an external server.

D : An attacker can modify the access logs.

Answer: A

Question 3

An analyst received multiple alerts on the SIEM console of users that are navigating to malicious URLs. The analyst needs to automate the task of receiving alerts and processing the data for further investigations. Three variables are available from the SIEM console to include in an automation script: console_ip, api_token, and reference_set_name. What must be added to this script to receive a successful HTTP response?

#!/usr/bin/python import sys import requests

A : {1}, {2}

B : {1}, {3}

C : console_ip, api_token

D : console_ip, reference_set_name

Answer: C

Question 4

A SOC analyst detected a ransomware outbreak in the organization coming from a malicious email attachment. Affected parties are notified, and the incident response team is assigned to the case. According to the NIST incident response handbook, what is the next step in handling the incident?

A : Create a follow-up report based on the incident documentation.

B : Perform a vulnerability assessment to find existing vulnerabilities.

C : Eradicate malicious software from the infected machines.

D : Collect evidence and maintain a chain-of-custody during further analysis.

Answer: D

Question 5

Refer to the exhibit.

At which stage of the threat kill chain is an attacker, based on these URIs of inbound web requests from known malicious Internet scanners?

A : exploitation

B : actions on objectives

C : delivery

D : reconnaissance

Answer: C

Page: 1 / 28

Total 140 Questions | Updated On: Sep 11, 2024

Add To Cart