Cisco Performing CyberOps Using Core Security Technologies 350-201 Exam Questions
Preparing for the 350-201 exam is simple with Certs Vault. We offer easy-to-understand study materials that help you learn the most important exam topics. You can study using our PDF questions, practice online with a real exam-style test, or use the desktop practice software. Choose the study method that works best for you and prepare at your own pace.
At Certs Vault, we keep our 350-201 practice questions up to date. Whenever the exam syllabus or objectives change, we update our study materials so you always learn the latest topics. This helps you save time, avoid outdated content, and feel more confident when you take your exam.
A threat actor behind a single computer exploited a cloud-based application by sending multiple concurrent API requests. These requests made the application unresponsive. Which solution protects the application from being overloaded and ensures more equitable application access across the end user community
Correct Answer: A
DRAG DROP An organization lost connectivity to critical servers, and users cannot access business applications and internal websites. An engineer checks the network devices to investigate the outage and determines that all devices are functioning. Drag and drop the steps from the left into the sequence on the right to continue investigating this issue. Not all options are used.
Correct Answer: A
| Source Actions (Left Column) | Correct Ordered Sequence (Right Column) |
* run show access-list * run show config * validate the file MD5 * generate the core file * verify the image file hash * check the memory logs * verify the memory state | 1. run show config 2. check the memory logs 3. verify the memory state 4. run show access-list |
A threat actor attacked an organization’s Active Directory server from a remote location, and in a thirty-minute timeframe, stole the password for the administrator account and attempted to access 3 company servers. The threat actor successfully accessed the first server that contained sales data, but no files were downloaded. A second server was also accessed that contained marketing information and 11 files were downloaded. When the threat actor accessed the third server that contained corporate financial data, the session was disconnected, and the administrator’s account was disabled. Which activity triggered the behavior analytics tool?
Correct Answer: C
A security analyst needs to investigate a security incident involving several suspicious connections with a possible attacker. Which tool should the analyst use to identify the source IP of the offender
| Protocol | Local Address | Foreign Address | State |
| TCP | 192.168.1.8:54580 | vk-in-f108:imaps | ESTABLISHED |
| TCP | 192.168.1.8:54583 | 132.245.61.50:https | ESTABLISHED |
| TCP | 192.168.1.8:54916 | bay405-m:https | ESTABLISHED |
| TCP | 192.168.1.8:54978 | vu-in-f188:5228 | ESTABLISHED |
| TCP | 192.168.1.8:55094 | 72.21.194.109:https | ESTABLISHED |
| TCP | 192.168.1.8:55401 | wonderhowto:http | ESTABLISHED |
| TCP | 192.168.1.8:55730 | mia07s34-in-f78:https | TIME WA |
| Protocol | Local Address | Foreign Address | State |
| TCP | 192.168.1.8:55824 | a23-40-191-15:https | CLOSE_WAIT |
| TCP | 192.168.1.8:55825 | a23-40-191-15:https | CLOSE_WAIT |
| TCP | 192.168.1.8:55846 | mia07s25-in-f14:https | TIME_WAIT |
| TCP | 192.168.1.8:55847 | a184-51-150-89:http | CLOSE_WAIT |
| TCP | 192. | 157.55.56.154 | ESTABLISHED |
| TCP | 192.168.1 | atl14s38-in-f4:https | ESTABLISHED |
| TCP | 192.168.1.8:558 | 208-46-117-174: | ESTABLISHED |
| TCP | 192.168.1.8:55893 | vx-in-f95:https | TIME_WAIT |
| TCP | 192.168.1.8:55947 | stackoverflow:https | ESTABLISHED |
| TCP | 192.168.1.8:55966 | stackoverflow:https | ESTABLISHED |
| TCP | 192.168.1.8:55970 | mia07s34-in-f78:https | TIME_WAIT |
| TCP | 192.168.1.8:55972 | 191.238.241.80:https | TIME_WAIT |
| TCP | 192.168.1.8:55976 | 54.239.26.242:https | ESTABLISHED |
| TCP | 192.168.1.8:55979 | mia07s35-in-f14:https | ESTABLISHED |
| TCP | 192.168.1.8:55986 | serv | TIME_WAIT |
| TCP | 192.168.1.8:55988 | 104.16.118.182:http | ESTABLISHED |