350-201 Cisco Exam Questions and Free Practice Test

Question 7

Which command does an engineer use to set read/write/execute access on a folder for everyone who reaches the resource?

A. chmod 666

B. chmod 774

C. chmod 775

D. chmod 777

Correct Answer:D

Question 8

An engineer receives a report that indicates a possible incident of a malicious insider sending company information to outside parties. What is the first action the engineer must take to determine whether an incident has occurred?

A. Analyze environmental threats and causes

B. Inform the product security incident response team to investigate further

C. Analyze the precursors and indicators

D. Inform the computer security incident response team to investigate further

Correct Answer:C

Question 9

Refer to the exhibit.
350-201 dumps exhibit
Which code snippet will parse the response to identify the status of the domain as malicious, clean or undefined?

A. Option A

B. Option B

C. Option C

D. Option D

Correct Answer:C

Question 10

A SOC analyst is notified by the network monitoring tool that there are unusual types of internal traffic on IP subnet 103.861.2117.0/24. The analyst discovers unexplained encrypted data files on a computer system that belongs on that specific subnet. What is the cause of the issue?

A. DDoS attack

B. phishing attack

C. virus outbreak

D. malware outbreak

Correct Answer:D

Question 11

Refer to the exhibit.
350-201 dumps exhibit
A threat actor behind a single computer exploited a cloud-based application by sending multiple concurrent API requests. These requests made the application unresponsive. Which solution protects the application from being overloaded and ensures more equitable application access across the end-user community?

A. Limit the number of API calls that a single client is allowed to make

B. Add restrictions on the edge router on how often a single client can access the API

C. Reduce the amount of data that can be fetched from the total pool of active clients that call the API

D. Increase the application cache of the total pool of active clients that call the API

Correct Answer:A

Question 12

The incident response team receives information about the abnormal behavior of a host. A malicious file is found being executed from an external USB flash drive. The team collects and documents all the necessary evidence from the computing resource. What is the next step?

A. Conduct a risk assessment of systems and applications

B. Isolate the infected host from the rest of the subnet

C. Install malware prevention software on the host

D. Analyze network traffic on the host’s subnet

Correct Answer:B

START 350-201 EXAM