Online Access Free Cisco.350-201.v2021-08-13.q63 Practice Test (Page 2)

350-201 Exam Question 1

A malware outbreak is detected by the SIEM and is confirmed as a true positive. The incident response team follows the playbook to mitigate the threat. What is the first action for the incident response team?

A.Perform analysis based on the established risk factors

B.Assess the network for unexpected behavior

C.Patch detected vulnerabilities from critical hosts

D.Isolate critical hosts from the network

350-201 Exam Question 2

A threat actor used a phishing email to deliver a file with an embedded macro. The file was opened, and a remote code execution attack occurred in a company's infrastructure. Which steps should an engineer take at the recovery stage?

A.Review access lists and require users to increase password complexity

B.Determine the systems involved and deploy available patches

C.Identify the attack vector and update the IDS signature list

D.Analyze event logs and restrict network access

350-201 Exam Question 3

Refer to the exhibit.

Which data format is being used?

A.CSV

B.XML

C.HTML

D.JSON

350-201 Exam Question 4

What is the purpose of hardening systems?

A.to securely configure machines to limit the attack surface

B.to identify vulnerabilities within an operating system

C.to create the logic that triggers alerts when anomalies occur

D.to analyze attacks to identify threat actors and points of entry

350-201 Exam Question 5

A SOC team is informed that a UK-based user will be traveling between three countries over the next 60 days. Having the names of the 3 destination countries and the user's working hours, what must the analyst do next to detect an abnormal behavior?

A.Create a rule triggered by multiple successful VPN connections from the destination countries

B.Analyze the logs from all countries related to this user during the traveling period

C.Create a rule triggered by 1 successful VPN connection from any nondestination country

D.Create a rule triggered by 3 failed VPN connection attempts in an 8-hour period

Other Version: 1718Cisco.350-201.v2022-03-21.q68; 76Cisco.Verifieddumps.350-201.v2022-03-05.by.sigrid.68q.pdf

Latest Upload: 149CBIC.CIC.v2025-09-13.q75; 151Cisco.700-841.v2025-09-13.q131; 145SAP.C_ABAPD_2507.v2025-09-12.q56; 128SAP.C_TS452_2022.v2025-09-12.q83; 211ACSM.020-222.v2025-09-11.q48; 166VMware.5V0-31.23.v2025-09-10.q73; 138Oracle.1z0-915-1.v2025-09-10.q24; 173Citrix.1Y0-231.v2025-09-10.q87; 148SAP.C-THR85-2505.v2025-09-09.q29; 188Adobe.AD0-E727.v2025-09-09.q76

350-201 Exam Question 1

350-201 Exam Question 2

350-201 Exam Question 3

350-201 Exam Question 4

350-201 Exam Question 5

Download PDF File