Free 350-201 Exam Dumps

No Installation Required, Instantly Prepare for the 350-201 exam and please click the below link to start the 350-201 Exam Simulator with a real 350-201 practice exam questions.
Use directly our on-line 350-201 exam dumps materials and try our Testing Engine to pass the 350-201 which is always updated.

Exam Code: 350-201
Exam Title: Performing CyberOps Using Core Security Technologies (CBRCOR)
Vendor: Cisco
Exam Questions: 139
Last Updated: November 15th,2024

Question 1

Refer to the exhibit.
350-201 dumps exhibit
At which stage of the threat kill chain is an attacker, based on these URIs of inbound web requests from known malicious Internet scanners?

A. exploitation
B. actions on objectives
C. delivery
D. reconnaissance

Correct Answer:C

Question 2

An employee who often travels abroad logs in from a first-seen country during non-working hours. The SIEM tool generates an alert that the user is forwarding an increased amount of emails to an external mail domain and then logs out. The investigation concludes that the external domain belongs to a competitor. Which two behaviors triggered UEBA? (Choose two.)

A. domain belongs to a competitor
B. log in during non-working hours
C. email forwarding to an external domain
D. log in from a first-seen country
E. increased number of sent mails

Correct Answer:AB

Question 3

An engineer is developing an application that requires frequent updates to close feedback loops and enable teams to quickly apply patches. The team wants their code updates to get to market as often as possible. Which software development approach should be used to accomplish these goals?

A. continuous delivery
B. continuous integration
C. continuous deployment
D. continuous monitoring

Correct Answer:A

Question 4

An engineer is going through vulnerability triage with company management because of a recent malware outbreak from which 21 affected assets need to be patched or remediated. Management decides not to prioritize fixing the assets and accepts the vulnerabilities. What is the next step the engineer should take?

A. Investigate the vulnerability to prevent further spread
B. Acknowledge the vulnerabilities and document the risk
C. Apply vendor patches or available hot fixes
D. Isolate the assets affected in a separate network

Correct Answer:D

Question 5

Refer to the exhibit.
350-201 dumps exhibit
An organization is using an internal application for printing documents that requires a separate registration on the website. The application allows format-free user creation, and users must match these required conditions to comply with the company’s user creation policy:
minimum length: 3
350-201 dumps exhibit usernames can only use letters, numbers, dots, and underscores
usernames cannot begin with a number
The application administrator has to manually change and track these daily to ensure compliance. An engineer is tasked to implement a script to automate the process according to the company user creation policy. The engineer implemented this piece of code within the application, but users are still able to create format-free usernames. Which change is needed to apply the restrictions?

A. modify code to return error on restrictions def return false_user(username, minlen)
B. automate the restrictions def automate_user(username, minlen)
C. validate the restrictions, def validate_user(username, minlen)
D. modify code to force the restrictions, def force_user(username, minlen)

Correct Answer:B