Free Practice Cisco 350-201 Exam Questions 2025

Stay ahead with 100% Free Performing CyberOps Using Core Security Technologies 350-201 Dumps Practice Questions

Page: 1 / 28

Total 140 Questions | Updated On: Jan 22, 2021

Add To Cart

Question 1

Refer to the exhibit.

At which stage of the threat kill chain is an attacker, based on these URIs of inbound web requests from known malicious Internet scanners?

A : exploitation

B : actions on objectives

C : delivery

D : reconnaissance

Answer: C

Question 2

Refer to the exhibit.

An engineer received multiple reports from employees unable to log into systems with the error: The Group Policy Client service failed to logon -- Access is denied. Through further analysis, the engineer discovered several unexpected modifications to system settings. Which type of breach is occurring?

A : malware break

B : data theft

C : elevation of privileges

D : denial-of-service

Answer: C

Question 3

A SOC team is informed that a UK-based user will be traveling between three countries over the next 60 days. Having the names of the 3 destination countries and the user's working hours, what must the analyst do next to detect an abnormal behavior?

A : Create a rule triggered by 3 failed VPN connection attempts in an 8-hour period

B : Create a rule triggered by 1 successful VPN connection from any nondestination country

C : Create a rule triggered by multiple successful VPN connections from the destination countries

D : Analyze the logs from all countries related to this user during the traveling period

Answer: D

Question 4

A company's web server availability was breached by a DDoS attack and was offline for 3 hours because it was not deemed a critical asset in the incident response playbook. Leadership has requested a risk assessment of the asset. An analyst conducted the risk assessment using the threat sources, events, and vulnerabilities. Which additional element is needed to calculate the risk?

A : assessment scope

B : event severity and likelihood

C : incident response playbook

D : risk model framework

Answer: D

Question 5

A SOC analyst detected a ransomware outbreak in the organization coming from a malicious email attachment. Affected parties are notified, and the incident response team is assigned to the case. According to the NIST incident response handbook, what is the next step in handling the incident?

A : Create a follow-up report based on the incident documentation.

B : Perform a vulnerability assessment to find existing vulnerabilities.

C : Eradicate malicious software from the infected machines.

D : Collect evidence and maintain a chain-of-custody during further analysis.

Answer: D

Page: 1 / 28

Total 140 Questions | Updated On: Jan 22, 2021

Add To Cart