Updated Apr-2023 Test Engine to Practice Test for 350-201 Exam Questions and Answers!
Performing CyberOps Using Cisco Security Technologies Certification Sample Questions and Practice Exam
Exam Details
Cisco 350-201 gives a solid base needed for the skills that you will get for the concentration test. This way, you will be able to gain all the required knowledge and earn the certification to prove your expertise for the real-life events. It measures your level of knowledge of various cybersecurity processes and techniques.
The exam contains about 100-110 questions and an interested candidate should answer them all within 2 hours. Please note that you can face with different types of questions, including fill-in-the-blank, drag and drop, testlet, as well as multiple choice with single and multiple answers. To become eligible for the concentration test, you have to score about 825 points. If talking about the registration process for this Cisco exam, it is important to mention that an applicant needs to pay $400. Besides that, you should have an account on the Pearson VUE platform to be able to schedule the test.
NEW QUESTION 22
An API developer is improving an application code to prevent DDoS attacks. The solution needs to accommodate instances of a large number of API requests coming for legitimate purposes from trustworthy services. Which solution should be implemented?
- A. Increase a limit of replies in a given interval for each API. If the limit is exceeded, block access from the API key permanently and return a 450 HTTP error code.
- B. Restrict the number of requests based on a calculation of daily averages. If the limit is exceeded, temporarily block access from the IP address and return a 402 HTTP error code.
- C. Implement REST API Security Essentials solution to automatically mitigate limit exhaustion. If the limit is exceeded, temporarily block access from the service and return a 409 HTTP error code.
- D. Apply a limit to the number of requests in a given time interval for each API. If the rate is exceeded, block access from the API key temporarily and return a 429 HTTP error code.
Answer: D
NEW QUESTION 23 
Refer to the exhibit. An employee is a victim of a social engineering phone call and installs remote access software to allow an "MS Support" technician to check his machine for malware. The employee becomes suspicious after the remote technician requests payment in the form of gift cards. The employee has copies of multiple, unencrypted database files, over 400 MB each, on his system and is worried that the scammer copied the files off but has no proof of it. The remote technician was connected sometime between 2:00 pm and 3:00 pm over https. What should be determined regarding data loss between the employee's laptop and the remote technician's system?
- A. The database files integrity was violated
- B. No database files were disclosed
- C. The database files were disclosed
- D. The database files were intentionally corrupted, and encryption is possible
Answer: A
NEW QUESTION 24
Refer to the exhibit. What is occurring in this packet capture?
- A. TCP flood
- B. DNS flood
- C. DNS tunneling
- D. TCP port scan
Answer: A
NEW QUESTION 25
Refer to the exhibit.
Which indicator of compromise is represented by this STIX?
- A. cross-site scripting vulnerability to backdoor server
- B. web server vulnerability exploited by malware
- C. website hosting malware to download files
- D. website redirecting traffic to ransomware server
Answer: B
NEW QUESTION 26
Refer to the exhibit.
For IP 192.168.1.209, what are the risk level, activity, and next step?
- A. critical risk level, malicious server IP, run in a sandboxed environment
- B. critical risk level, data exfiltration, isolate the device
- C. high risk level, anomalous periodic communication, quarantine with antivirus
- D. high risk level, malicious host, investigate further
Answer: C
NEW QUESTION 27 
Refer to the exhibit. Where are the browser page rendering permissions displayed?
- A. x-content-type-options
- B. x-test-debug
- C. x-frame-options
- D. x-xss-protection
Answer: A
Explanation:
Explanation
Explanation/Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
NEW QUESTION 28
According to GDPR, what should be done with data to ensure its confidentiality, integrity, and availability?
- A. Conduct penetration testing
- B. Perform a vulnerability assessment
- C. Perform awareness testing
- D. Conduct a data protection impact assessment
Answer: D
Explanation:
Explanation/Reference: https://apdcat.gencat.cat/web/.content/03-documentacio/ Reglament_general_de_proteccio_de_dades/documents/DPIA-Guide.pdf
NEW QUESTION 29
An organization is using a PKI management server and a SOAR platform to manage the certificate lifecycle. The SOAR platform queries a certificate management tool to check all endpoints for SSL certificates that have either expired or are nearing expiration. Engineers are struggling to manage problematic certificates outside of PKI management since deploying certificates and tracking them requires searching server owners manually. Which action will improve workflow automation?
- A. Integrate a SOAR solution with Active Directory to pull server owner details from the AD and send an automated email for problematic certificates requesting updates.
- B. Integrate a PKI solution within SOAR to create certificates within the SOAR engines to track, update, and monitor problematic certificates.
- C. Implement a new workflow for SOAR to fetch a report of assets that are outside of the PKI zone, sort assets by certification management leads and automate alerts that updates are needed.
- D. Implement a new workflow within SOAR to create tickets in the incident response system, assign problematic certificate update requests to server owners, and register change requests.
Answer: C
NEW QUESTION 30
Refer to the exhibit.
Where are the browser page rendering permissions displayed?
- A. X-XSS-Protection
- B. Content-Type
- C. X-Frame-Options
- D. Cache-Control
Answer: B
NEW QUESTION 31
An engineer has created a bash script to automate a complicated process. During script execution, this error occurs: permission denied. Which command must be added to execute this script?
- A. source ex.sh
- B. sh ex.sh
- C. chroot ex.sh
- D. chmod +x ex.sh
Answer: D
Explanation:
Explanation/Reference: https://www.redhat.com/sysadmin/exit-codes-demystified
NEW QUESTION 32
A security architect in an automotive factory is working on the Cyber Security Management System and is implementing procedures and creating policies to prevent attacks. Which standard must the architect apply?
- A. IEC62446
- B. IEC62439-3
- C. IEC62439-2
- D. IEC62443
Answer: D
NEW QUESTION 33
Refer to the exhibit. A threat actor behind a single computer exploited a cloud-based application by sending multiple concurrent API requests. These requests made the application unresponsive. Which solution protects the application from being overloaded and ensures more equitable application access across the end-user community?
- A. Add restrictions on the edge router on how often a single client can access the API
- B. Limit the number of API calls that a single client is allowed to make
- C. Increase the application cache of the total pool of active clients that call the API
- D. Reduce the amount of data that can be fetched from the total pool of active clients that call the API
Answer: B
NEW QUESTION 34
Refer to the exhibit.
An engineer is performing static analysis of a file received and reported by a user. Which risk is indicated in this STIX?
- A. The file is redirecting users to a website that requests privilege escalations from the user.
- B. The file is redirecting users to a website that is determining users' geographic location.
- C. The file is redirecting users to a website that harvests cookies and stored account information.
- D. The file is redirecting users to the website that is downloading ransomware to encrypt files.
Answer: B
NEW QUESTION 35
A security manager received an email from an anomaly detection service, that one of their contractors has downloaded 50 documents from the company's confidential document management folder using a company- owned asset al039-ice-4ce687TL0500. A security manager reviewed the content of downloaded documents and noticed that the data affected is from different departments. What are the actions a security manager should take?
- A. Communicate with the contractor to identify the motives.
- B. Measure confidentiality level of downloaded documents.
- C. Escalate to contractor's manager.
- D. Report to the incident response team.
Answer: D
NEW QUESTION 36
Refer to the exhibit.
Where does it signify that a page will be stopped from loading when a scripting attack is detected?
- A. x-test-debug
- B. x-frame-options
- C. x-content-type-options
- D. x-xss-protection
Answer: D
NEW QUESTION 37
A malware outbreak is detected by the SIEM and is confirmed as a true positive. The incident response team follows the playbook to mitigate the threat. What is the first action for the incident response team?
- A. Patch detected vulnerabilities from critical hosts
- B. Perform analysis based on the established risk factors
- C. Assess the network for unexpected behavior
- D. Isolate critical hosts from the network
Answer: D
NEW QUESTION 38
Refer to the exhibit.
What is occurring in this packet capture?
- A. TCP flood
- B. DNS flood
- C. DNS tunneling
- D. TCP port scan
Answer: A
NEW QUESTION 39 
Refer to the exhibit. An organization is using an internal application for printing documents that requires a separate registration on the website. The application allows format-free user creation, and users must match these required conditions to comply with the company's user creation policy:
* minimum length: 3
* usernames can only use letters, numbers, dots, and underscores
* usernames cannot begin with a number
The application administrator has to manually change and track these daily to ensure compliance. An engineer is tasked to implement a script to automate the process according to the company user creation policy. The engineer implemented this piece of code within the application, but users are still able to create format-free usernames. Which change is needed to apply the restrictions?
- A. modify code to return error on restrictions def return false_user(username, minlen)
- B. validate the restrictions, def validate_user(username, minlen)
- C. automate the restrictions def automate_user(username, minlen)
- D. modify code to force the restrictions, def force_user(username, minlen)
Answer: C
NEW QUESTION 40
Drag and drop the phases to evaluate the security posture of an asset from the left onto the activity that happens during the phases on the right.
Answer:
Explanation:
NEW QUESTION 41
A cloud engineer needs a solution to deploy applications on a cloud without being able to manage and control the server OS. Which type of cloud environment should be used?
- A. PaaS
- B. IaaS
- C. DaaS
- D. SaaS
Answer: B
NEW QUESTION 42
Employees receive an email from an executive within the organization that summarizes a recent security breach and requests that employees verify their credentials through a provided link. Several employees report the email as suspicious, and a security analyst is investigating the reports. Which two steps should the analyst take to begin this investigation? (Choose two.)
- A. Communicate with employees to determine who opened the link and isolate the affected assets.
- B. Examine the firewall and HIPS configuration to identify the exploited vulnerabilities and apply recommended mitigation.
- C. Evaluate the intrusion detection system alerts to determine the threat source and attack surface.
- D. Review the mail server and proxy logs to identify the impact of a potential breach.
- E. Check the email header to identify the sender and analyze the link in an isolated environment.
Answer: B,E
Explanation:
Section: (none)
Explanation
NEW QUESTION 43
Refer to the exhibit.
Which asset has the highest risk value?
- A. website
- B. servers
- C. payment process
- D. secretary workstation
Answer: C
NEW QUESTION 44
......
Cisco 350-201 Exam Certification Details:
| Exam Name | Performing CyberOps Using Cisco Security Technologies |
| Duration | 120 minutes |
| Number of Questions | 90-110 |
| Exam Price | $400 USD |
| Passing Score | Variable (750-850 / 1000 Approx.) |
| Sample Questions | Cisco 350-201 Sample Questions |
| Exam Registration | PEARSON VUE |
Certification dumps CyberOps Professional 350-201 guides - 100% valid: https://www.exam4labs.com/350-201-practice-torrent.html
100% Pass Your 350-201 Performing CyberOps Using Cisco Security Technologies at First Attempt with Exam4Labs: https://drive.google.com/open?id=1M7m2WfU2tlSOP6CT2fM24q85H_OD2_0E