Best Cisco 350-201 Exam Practice Material Updated on Aug 09, 2022 [Q74-Q90]


New 350-201 Actual Exam Dumps, Cisco Practice Test

NEW QUESTION 74
Refer to the exhibit.

An engineer received a report that an attacker has compromised a workstation and gained access to sensitive customer data from the network using insecure protocols. Which action prevents this type of attack in the future?

  • A. Use syslog to gather data from multiple sources and detect intrusion logs for timely responses
  • B. Deploy a SOAR solution and correlate log alerts from customer zones
  • C. Use VLANs to segregate zones and the firewall to allow only required services and secured protocols
  • D. Deploy IDS within sensitive areas and continuously update signatures

Answer: C

 

NEW QUESTION 75
An organization lost connectivity to critical servers, and users cannot access business applications and internal websites. An engineer checks the network devices to investigate the outage and determines that all devices are functioning. Drag and drop the steps from the left into the sequence on the right to continue investigating this issue. Not all options are used.

Answer:

Explanation:

 

NEW QUESTION 76
An audit is assessing a small business that is selling automotive parts and diagnostic services. Due to increased customer demands, the company recently started to accept credit card payments and acquired a POS terminal. Which compliance regulations must the audit apply to the company?

  • A. HIPAA
  • B. PCI DSS
  • C. COBIT
  • D. FISMA

Answer: B

 

NEW QUESTION 77

Refer to the exhibit. An organization is using an internal application for printing documents that requires a separate registration on the website. The application allows format-free user creation, and users must match these required conditions to comply with the company's user creation policy:
* minimum length: 3
* usernames can only use letters, numbers, dots, and underscores
* usernames cannot begin with a number
The application administrator has to manually change and track these daily to ensure compliance. An engineer is tasked to implement a script to automate the process according to the company user creation policy. The engineer implemented this piece of code within the application, but users are still able to create format-free usernames. Which change is needed to apply the restrictions?

  • A. modify code to return error on restrictions def return false_user(username, minlen)
  • B. validate the restrictions, def validate_user(username, minlen)
  • C. modify code to force the restrictions, def force_user(username, minlen)
  • D. automate the restrictions def automate_user(username, minlen)

Answer: D

 

NEW QUESTION 78
Refer to the exhibit.

Where is the MIME type that should be followed indicated?

  • A. x-test-debug
  • B. strict-transport-security
  • C. x-xss-protection
  • D. x-content-type-options

Answer: A

 

NEW QUESTION 79
An analyst is alerted for a malicious file hash. After analysis, the analyst determined that an internal workstation is communicating over port 80 with an external server and that the file hash is associated with Duqu malware. Which tactics, techniques, and procedures align with this analysis?

  • A. Command and Control, Application Layer Protocol, Duqu
  • B. Discovery, Remote Services: SMB/Windows Admin Shares, Duqu
  • C. Lateral Movement, Remote Services: SMB/Windows Admin Shares, Duqu
  • D. Discovery, System Network Configuration Discovery, Duqu

Answer: A

 

NEW QUESTION 80
The incident response team was notified of detected malware. The team identified the infected hosts, removed the malware, restored the functionality and data of infected systems, and planned a company meeting to improve the incident handling capability. Which step was missed according to the NIST incident handling guide?

  • A. Determine the escalation path
  • B. Install IPS software
  • C. Contain the malware
  • D. Perform vulnerability assessment

Answer: D


 

NEW QUESTION 81
Refer to the exhibit.

An engineer notices a significant anomaly in the traffic in one of the host groups in Cisco Secure Network Analytics (Stealthwatch) and must analyze the top data transmissions. Which tool accomplishes this task?

  • A. Top Conversations
  • B. Top Peers
  • C. Top Hosts
  • D. Top Ports

Answer: C

 

NEW QUESTION 82
An analyst received multiple alerts on the SIEM console of users that are navigating to malicious URLs. The analyst needs to automate the task of receiving alerts and processing the data for further investigations. Three variables are available from the SIEM console to include in an automation script: console_ip, api_token, and reference_set_name. What must be added to this script to receive a successful HTTP response?
#!/usr/bin/python
import sys
import requests

  • A. console_ip, reference_set_name
  • B. {1}, {2}
  • C. console_ip, api_token
  • D. {1}, {3}

Answer: C

 

NEW QUESTION 83

Refer to the exhibit. Where are the browser page rendering permissions displayed?

  • A. x-xss-protection
  • B. x-test-debug
  • C. x-content-type-options
  • D. x-frame-options

Answer: C

Explanation/Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options

 

NEW QUESTION 84
A SOC analyst is notified by the network monitoring tool that there are unusual types of internal traffic on IP subnet 103.921.2239.0/24. The analyst discovers unexplained encrypted data files on a computer system that belongs on that specific subnet. What is the cause of the issue?

  • A. virus outbreak
  • B. phishing attack
  • C. DDoS attack
  • D. malware outbreak

Answer: D

 

NEW QUESTION 85

Refer to the exhibit. An engineer is reverse engineering a suspicious file by examining its resources. What does this file indicate?

  • A. a DOS MZ executable format
  • B. a MS-DOS executable archive
  • C. a Windows executable file
  • D. an archived malware

Answer: C

Explanation/Reference: https://stackoverflow.com/questions/2577545/why-is-this-program-cannot-be-run-in-dos-mode-text-present-in-dll-files#:~:text=The%20linker%20places%20a%20default,using%20the%20%2FSTUB%20linker%20option.&text=This%20information%20enables%20Windows%20to,has%20an%20MS-DOS%20stub.

 

NEW QUESTION 86
A security analyst receives an escalation regarding an unidentified connection on the Accounting A1 server within a monitored zone. The analyst pulls the logs and discovers that a PowerShell process and a WMI tool process were started on the server after the connection was established and that a PE format file was created in the system directory. What is the next step the analyst should take?

  • A. Perform behavioral analysis of the processes on an isolated workstation and perform cleaning procedures if the file is malicious
  • B. Isolate the server and perform forensic analysis of the file to determine the type and vector of a possible attack
  • C. Review the server backup and identify server content and data criticality to assess the intrusion risk
  • D. Identify the server owner through the CMDB and contact the owner to determine if these were planned and identifiable activities

Answer: C

 

NEW QUESTION 87
The physical security department received a report that an unauthorized person followed an authorized individual to enter a secured premise. The incident was documented and given to a security specialist to analyze. Which step should be taken at this stage?

  • A. Identify assets the attacker handled or acquired
  • B. Identify movement of the attacker in the enterprise
  • C. Change access controls to high risk assets in the enterprise
  • D. Determine the assets to which the attacker has access

Answer: B

 

NEW QUESTION 88
Refer to the exhibit.

Where are the browser page rendering permissions displayed?

  • A. Content-Type
  • B. X-XSS-Protection
  • C. X-Frame-Options
  • D. Cache-Control

Answer: A

 

NEW QUESTION 89
A security incident affected an organization's critical business services, and the customer-side web API became unresponsive and crashed. An investigation revealed a spike of API call requests and a high number of inactive sessions during the incident. Which two recommendations should the engineers make to prevent similar incidents in the future? (Choose two.)

  • A. Implement API key maintenance.
  • B. Configure shorter timeout periods.
  • C. Automate server-side error reporting for customers.
  • D. Decrease simultaneous API responses.
  • E. Determine API rate-limiting requirements.

Answer: C,E

 

NEW QUESTION 90
......


Automation – 20%

  • Determining the constraints when consuming APIs;
  • Using basic scripts, such as Python, and common data formats, such as CSV, HTML, JSON, and XML;
  • Utilizing Bash commands.

 
