Free 350-201 Practice Exam Questions Online

Why Cisco 350-201 Practice Exam Questions?

Ready to level up your Cisco 350-201 exam study? Just TheExamsLab 350-201 practice tests free.

350-201 exam questions are expertly crafted practice tests designed to simulate the real Cisco certification exam environment and help you assess your knowledge and figure out where you are lacking. From our free Performing CyberOps Using Cisco Security Technologies 350-201 practice exam, you will feel secure in passing any question type or time limit. TheExamsLab offers the 350-201 exam questions 2024. Don’t settle or do it half-heartedly get the best and invest in the best what you want is what you get.

Page: 1 / 28

Total 140 Questions | Updated On: Nov 21, 2024

Add To Cart

Question 1

A company's web server availability was breached by a DDoS attack and was offline for 3 hours because it was not deemed a critical asset in the incident response playbook. Leadership has requested a risk assessment of the asset. An analyst conducted the risk assessment using the threat sources, events, and vulnerabilities. Which additional element is needed to calculate the risk?

A : assessment scope

B : event severity and likelihood

C : incident response playbook

D : risk model framework

Answer: D

Question 2

Refer to the exhibit.

What results from this script?

A : Seeds for existing domains are checked

B : A search is conducted for additional seeds

C : Domains are compared to seed rules

D : A list of domains as seeds is blocked

Answer: B

Question 3

The incident response team receives information about the abnormal behavior of a host. A malicious file is found being executed from an external USB flash drive. The team collects and documents all the necessary evidence from the computing resource. What is the next step?

A : Conduct a risk assessment of systems and applications

B : Isolate the infected host from the rest of the subnet

C : Install malware prevention software on the host

D : Analyze network traffic on the host's subnet

Answer: B

Question 4

A SOC team is informed that a UK-based user will be traveling between three countries over the next 60 days. Having the names of the 3 destination countries and the user's working hours, what must the analyst do next to detect an abnormal behavior?

A : Create a rule triggered by 3 failed VPN connection attempts in an 8-hour period

B : Create a rule triggered by 1 successful VPN connection from any nondestination country

C : Create a rule triggered by multiple successful VPN connections from the destination countries

D : Analyze the logs from all countries related to this user during the traveling period

Answer: D

Question 5

Refer to the exhibit.

Two types of clients are accessing the front ends and the core database that manages transactions, access control, and atomicity. What is the threat model for the SQL database?

A : An attacker can initiate a DoS attack.

B : An attacker can read or change data.

C : An attacker can transfer data to an external server.

D : An attacker can modify the access logs.

Answer: A

Page: 1 / 28

Total 140 Questions | Updated On: Nov 21, 2024

Add To Cart