Free Cisco 350-201 Exam Questions

Become Cisco Certified with updated 350-201 exam questions and correct answers

Page: 1 / 28

Total 140 Questions | Updated On: Jan 12, 2026

Add To Cart

Question 1

The incident response team receives information about the abnormal behavior of a host. A malicious file is found being executed from an external USB flash drive. The team collects and documents all the necessary evidence from the computing resource. What is the next step?

A : nduct a risk assessment of systems and applications

B : olate the infected host from the rest of the subnet

C : tall malware prevention software on the host

D : alyze network traffic on the host's subnet

Answer: B

Question 2

A SOC analyst detected a ransomware outbreak in the organization coming from a malicious email attachment. Affected parties are notified, and the incident response team is assigned to the case. According to the NIST incident response handbook, what is the next step in handling the incident?

A : eate a follow-up report based on the incident documentation.

B : rform a vulnerability assessment to find existing vulnerabilities.

C : Eradicate malicious software from the infected machines.

D : llect evidence and maintain a chain-of-custody during further analysis.

Answer: D

Question 3

An engineer wants to review the packet overviews of SNORT alerts. When printing the SNORT alerts, all the packet headers are included, and the file is too large to utilize. Which action is needed to correct this problem?

A : dify the alert rule to ''output alert_syslog: output log''

B : dify the output module rule to ''output alert_quick: output filename''

C : dify the alert rule to ''output alert_syslog: output header''

D : dify the output module rule to ''output alert_fast: output filename''

Answer: A

Question 4

Refer to the exhibit.

An engineer received multiple reports from employees unable to log into systems with the error: The Group Policy Client service failed to logon -- Access is denied. Through further analysis, the engineer discovered several unexpected modifications to system settings. Which type of breach is occurring?

A : lware break

B : ta theft

C : evation of privileges

D : nial-of-service

Answer: C

Question 5

Refer to the exhibit.

Where are the browser page rendering permissions displayed?

A : frame-options

B : xss-protection

C : content-type-options

D : test-debug

Answer: C

Page: 1 / 28

Total 140 Questions | Updated On: Jan 12, 2026

Add To Cart