Free Cisco 350-201 Exam Dumps Questions & Answers


Exam Code/Number:	350-201Join the discussion
Exam Name:	Performing CyberOps Using Cisco Security Technologies
Certification:	Cisco
Free Question Number:	141
Publish Date:	Dec 13, 2025
# of views:	3933
Rating 100%

Page: 1 / 29
Total 141 questions

Question 1

A SIEM tool fires an alert about a VPN connection attempt from an unusual location. The incident response team validates that an attacker has installed a remote access tool on a user's laptop while traveling. The attacker has the user's credentials and is attempting to connect to the network.
What is the next step in handling the incident?

A.Identify lateral movement
B.Perform an antivirus scan on the laptop
C.Block the source IP from the firewall
D.Identify systems or services at risk

Question 2

A malware outbreak is detected by the SIEM and is confirmed as a true positive. The incident response team follows the playbook to mitigate the threat. What is the first action for the incident response team?

A.Patch detected vulnerabilities from critical hosts
B.Assess the network for unexpected behavior
C.Isolate critical hosts from the network
D.Perform analysis based on the established risk factors

Question 3

Refer to the exhibit.

An engineer received multiple reports from employees unable to log into systems with the error: The Group Policy Client service failed to logon - Access is denied. Through further analysis, the engineer discovered several unexpected modifications to system settings. Which type of breach is occurring?

A.malware break
B.data theft
C.elevation of privileges
D.denial-of-service

Question 4

Refer to the exhibit.

What is the threat in this Wireshark traffic capture?

A.A flood of SYN packets coming from a single source IP to a single destination IP
B.A high rate of SYN packets being sent from multiple sources toward a single destination IP
C.A flood of ACK packets coming from a single source IP to multiple destination IPs
D.A high rate of SYN packets being sent from a single source IP toward multiple destination IPs

Question 5

A SOC analyst is notified by the network monitoring tool that there are unusual types of internal traffic on IP subnet 103.861.2117.0/24. The analyst discovers unexplained encrypted data files on a computer system that belongs on that specific subnet. What is the cause of the issue?

A.virus outbreak
B.phishing attack
C.malware outbreak
D.DDoS attack

350-201 Dumps Other Version	QA's	Publish Date
Cisco.350-201.v2024-12-30.q116	116	Dec 30, 2024
Cisco.350-201.v2024-04-12.q64	64	Apr 12, 2024
Cisco.350-201.v2022-09-07.q70	70	Sep 07, 2022
Cisco.350-201.v2022-03-31.q66	66	Mar 31, 2022