Cisco 350-201 Exam Actual Questions

The questions for 350-201 were last updated on Feb 21, 2025.


Question#1

A security engineer discovers that a spreadsheet containing confidential information for nine of their employees was fraudulently posted on a competitor’s website. The spreadsheet contains names, salaries, and social security numbers.
What is the next step the engineer should take in this investigation?

A. Determine if there is internal knowledge of this incident.
B. Check incoming and outgoing communications to identify spoofed emails.
C. Disconnect the network from Internet access to stop the phishing threats and regain control.
D. Engage the legal department to explore action against the competitor that posted the spreadsheet.

Question#2

A SOC team receives multiple alerts by a rule that detects requests to malicious URLs and informs the incident response team to block the malicious URLs requested on the firewall.
Which action will improve the effectiveness of the process?

A. Block local to remote HTTP/HTTPS requests on the firewall for users who triggered the rule.
B. Inform the user by enabling an automated email response when the rule is triggered.
C. Inform the incident response team by enabling an automated email response when the rule is triggered.
D. Create an automation script for blocking URLs on the firewall when the rule is triggered.

Question#3

Refer to the exhibit.



What is the connection status of the ICMP event?

A. blocked by a configured access policy rule
B. allowed by a configured access policy rule
C. blocked by an intrusion policy rule
D. allowed in the default action

Question#4

A malware outbreak is detected by the SIEM and is confirmed as a true positive. The incident response team follows the playbook to mitigate the threat.
What is the first action for the incident response team?

A. Assess the network for unexpected behavior
B. Isolate critical hosts from the network
C. Patch detected vulnerabilities from critical hosts
D. Perform analysis based on the established risk factors

Question#5

Refer to the exhibit.



Where does it signify that a page will be stopped from loading when a scripting attack is detected?

A. x-frame-options
B. x-content-type-options
C. x-xss-protection
D. x-test-debug

Explanation:
Reference: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/customize-http-security-headers-ad-fs

Exam Code: 350-201
Q&A: 139 Q&As
Updated: Feb 21, 2025
