Free Practice Cisco 350-201 Exam Questions 2025

Stay ahead with 100% Free Performing CyberOps Using Core Security Technologies 350-201 Dumps Practice Questions

Page: 1 / 28

Total 140 Questions | Updated On: Mar 25, 2025

Add To Cart

Question 1

Refer to the exhibit.

What is occurring in this packet capture?

A : TCP port scan

B : TCP flood

C : DNS flood

D : DNS tunneling

Answer: B

Question 2

A company's web server availability was breached by a DDoS attack and was offline for 3 hours because it was not deemed a critical asset in the incident response playbook. Leadership has requested a risk assessment of the asset. An analyst conducted the risk assessment using the threat sources, events, and vulnerabilities. Which additional element is needed to calculate the risk?

A : assessment scope

B : event severity and likelihood

C : incident response playbook

D : risk model framework

Answer: D

Question 3

An organization suffered a security breach in which the attacker exploited a Netlogon Remote Protocol vulnerability for further privilege escalation. Which two actions should the incident response team take to

prevent this type of attack from reoccurring? (Choose two.)

A : Implement a patch management process.

B : Scan the company server files for known viruses.

C : Apply existing patches to the company servers.

D : Automate antivirus scans of the company servers.

E : Define roles and responsibilities in the incident response playbook.

Answer: A,D

Question 4

An engineer wants to review the packet overviews of SNORT alerts. When printing the SNORT alerts, all the packet headers are included, and the file is too large to utilize. Which action is needed to correct this problem?

A : Modify the alert rule to ''output alert_syslog: output log''

B : Modify the output module rule to ''output alert_quick: output filename''

C : Modify the alert rule to ''output alert_syslog: output header''

D : Modify the output module rule to ''output alert_fast: output filename''

Answer: A

Question 5

A SOC analyst detected a ransomware outbreak in the organization coming from a malicious email attachment. Affected parties are notified, and the incident response team is assigned to the case. According to the NIST incident response handbook, what is the next step in handling the incident?

A : Create a follow-up report based on the incident documentation.

B : Perform a vulnerability assessment to find existing vulnerabilities.

C : Eradicate malicious software from the infected machines.

D : Collect evidence and maintain a chain-of-custody during further analysis.

Answer: D

Page: 1 / 28

Total 140 Questions | Updated On: Mar 25, 2025

Add To Cart