Free Cisco 350-201 Exam Questions

Become Cisco Certified with updated 350-201 exam questions and correct answers

Page: 1 / 28

Total 140 Questions | Updated On: Mar 26, 2026

Add To Cart

Question 1

Refer to the exhibit.

At which stage of the threat kill chain is an attacker, based on these URIs of inbound web requests from known malicious Internet scanners?

A : ploitation

B : tions on objectives

C : livery

D : connaissance

Answer: C

Question 2

Refer to the exhibit.

Which asset has the highest risk value?

A : rvers

B : website

C : payment process

D : cretary workstation

Answer: C

Question 3

A SOC team is informed that a UK-based user will be traveling between three countries over the next 60 days. Having the names of the 3 destination countries and the user's working hours, what must the analyst do next to detect an abnormal behavior?

A : eate a rule triggered by 3 failed VPN connection attempts in an 8-hour period

B : eate a rule triggered by 1 successful VPN connection from any nondestination country

C : eate a rule triggered by multiple successful VPN connections from the destination countries

D : alyze the logs from all countries related to this user during the traveling period

Answer: D

Question 4

An organization suffered a security breach in which the attacker exploited a Netlogon Remote Protocol vulnerability for further privilege escalation. Which two actions should the incident response team take to

prevent this type of attack from reoccurring? (Choose two.)

A : plement a patch management process.

B : an the company server files for known viruses.

C : ply existing patches to the company servers.

D : tomate antivirus scans of the company servers.

E : fine roles and responsibilities in the incident response playbook.

Answer: A,D

Question 5

Refer to the exhibit.

What is occurring in this packet capture?

A : P port scan

B : P flood

C : flood

D : tunneling

Answer: B

Page: 1 / 28

Total 140 Questions | Updated On: Mar 26, 2026

Add To Cart