Free Cisco 350-201 Exam Questions

Become Cisco Certified with updated 350-201 exam questions and correct answers

Page: 1 / 28

Total 140 Questions | Updated On: Aug 25, 2025

Add To Cart

Question 1

Refer to the exhibit.

Two types of clients are accessing the front ends and the core database that manages transactions, access control, and atomicity. What is the threat model for the SQL database?

A : attacker can initiate a DoS attack.

B : attacker can read or change data.

C : attacker can transfer data to an external server.

D : attacker can modify the access logs.

Answer: A

Question 2

Refer to the exhibit.

An engineer received multiple reports from employees unable to log into systems with the error: The Group Policy Client service failed to logon -- Access is denied. Through further analysis, the engineer discovered several unexpected modifications to system settings. Which type of breach is occurring?

A : lware break

B : ta theft

C : evation of privileges

D : nial-of-service

Answer: C

Question 3

A SOC team is informed that a UK-based user will be traveling between three countries over the next 60 days. Having the names of the 3 destination countries and the user's working hours, what must the analyst do next to detect an abnormal behavior?

A : eate a rule triggered by 3 failed VPN connection attempts in an 8-hour period

B : eate a rule triggered by 1 successful VPN connection from any nondestination country

C : eate a rule triggered by multiple successful VPN connections from the destination countries

D : alyze the logs from all countries related to this user during the traveling period

Answer: D

Question 4

An engineer wants to review the packet overviews of SNORT alerts. When printing the SNORT alerts, all the packet headers are included, and the file is too large to utilize. Which action is needed to correct this problem?

A : dify the alert rule to ''output alert_syslog: output log''

B : dify the output module rule to ''output alert_quick: output filename''

C : dify the alert rule to ''output alert_syslog: output header''

D : dify the output module rule to ''output alert_fast: output filename''

Answer: A

Question 5

An analyst received multiple alerts on the SIEM console of users that are navigating to malicious URLs. The analyst needs to automate the task of receiving alerts and processing the data for further investigations. Three variables are available from the SIEM console to include in an automation script: console_ip, api_token, and reference_set_name. What must be added to this script to receive a successful HTTP response?

#!/usr/bin/python import sys import requests

A : {1}, {2}

B : {1}, {3}

C : nsole_ip, api_token

D : nsole_ip, reference_set_name

Answer: C

Page: 1 / 28

Total 140 Questions | Updated On: Aug 25, 2025

Add To Cart