Free Cisco 350-201 Exam Questions

Become Cisco Certified with updated 350-201 exam questions and correct answers

Page: 1 / 28

Total 140 Questions | Updated On: Mar 13, 2026

Add To Cart

Question 1

Refer to the exhibit.

At which stage of the threat kill chain is an attacker, based on these URIs of inbound web requests from known malicious Internet scanners?

A : ploitation

B : tions on objectives

C : livery

D : connaissance

Answer: C

Question 2

An analyst received multiple alerts on the SIEM console of users that are navigating to malicious URLs. The analyst needs to automate the task of receiving alerts and processing the data for further investigations. Three variables are available from the SIEM console to include in an automation script: console_ip, api_token, and reference_set_name. What must be added to this script to receive a successful HTTP response?

#!/usr/bin/python import sys import requests

A : {1}, {2}

B : {1}, {3}

C : nsole_ip, api_token

D : nsole_ip, reference_set_name

Answer: C

Question 3

Refer to the exhibit.

Which asset has the highest risk value?

A : rvers

B : website

C : payment process

D : cretary workstation

Answer: C

Question 4

Refer to the exhibit.

What is occurring in this packet capture?

A : P port scan

B : P flood

C : flood

D : tunneling

Answer: B

Question 5

A SOC analyst detected a ransomware outbreak in the organization coming from a malicious email attachment. Affected parties are notified, and the incident response team is assigned to the case. According to the NIST incident response handbook, what is the next step in handling the incident?

A : eate a follow-up report based on the incident documentation.

B : rform a vulnerability assessment to find existing vulnerabilities.

C : Eradicate malicious software from the infected machines.

D : llect evidence and maintain a chain-of-custody during further analysis.

Answer: D

Page: 1 / 28

Total 140 Questions | Updated On: Mar 13, 2026

Add To Cart