1. Home
  2. Cisco
  3. 350-201

Performing CyberOps Using Cisco Security Technologies (CBRCOR)

Exam Details

  • Exam Code
    :350-201
  • Exam Name
    :Performing CyberOps Using Cisco Security Technologies (CBRCOR)
  • Certification
    :CyberOps Professional
  • Vendor
    :Cisco
  • Total Questions
    :139 Q&As
  • Last Updated
    :Mar 26, 2025

Cisco CyberOps Professional 350-201 Questions & Answers

  • Question 111:

    An engineer is analyzing a possible compromise that happened a week ago when the company? (Choose two.)

    A. firewall

    B. Wireshark

    C. autopsy

    D. SHA512

    E. IPS

  • Question 112:

    A European-based advertisement company collects tracking information from partner websites and stores it on a local server to provide tailored ads. Which standard must the company follow to safeguard the resting data?

    A. HIPAA

    B. PCI-DSS

    C. Sarbanes-Oxley

    D. GDPR

  • Question 113:

    An organization had a breach due to a phishing attack. An engineer leads a team through the recovery phase of the incident response process. Which action should be taken during this phase?

    A. Host a discovery meeting and define configuration and policy updates

    B. Update the IDS/IPS signatures and reimage the affected hosts

    C. Identify the systems that have been affected and tools used to detect the attack

    D. Identify the traffic with data capture using Wireshark and review email filters

  • Question 114:

    An engineer is going through vulnerability triage with company management because of a recent malware outbreak from which 21 affected assets need to be patched or remediated. Management decides not to prioritize fixing the assets and accepts the vulnerabilities.

    What is the next step the engineer should take?

    A. Investigate the vulnerability to prevent further spread

    B. Acknowledge the vulnerabilities and document the risk

    C. Apply vendor patches or available hot fixes

    D. Isolate the assets affected in a separate network

  • Question 115:

    A company recently completed an internal audit and discovered that there is CSRF vulnerability in 20 of its hosted applications. Based on the audit, which recommendation should an engineer make for patching?

    A. Identify the business applications running on the assets

    B. Update software to patch third-party software

    C. Validate CSRF by executing exploits within Metasploit

    D. Fix applications according to the risk scores

  • Question 116:

    According to GDPR, what should be done with data to ensure its confidentiality, integrity, and availability?

    A. Perform a vulnerability assessment

    B. Conduct a data protection impact assessment

    C. Conduct penetration testing

    D. Perform awareness testing

  • Question 117:

    A payroll administrator noticed unexpected changes within a piece of software and reported the incident to the incident response team. Which actions should be taken at this step in the incident response workflow?

    A. Classify the criticality of the information, research the attacker's motives, and identify missing patches

    B. Determine the damage to the business, extract reports, and save evidence according to a chain of custody

    C. Classify the attack vector, understand the scope of the event, and identify the vulnerabilities being exploited

    D. Determine the attack surface, evaluate the risks involved, and communicate the incident according to the escalation plan

  • Question 118:

    Refer to the exhibit. At which stage of the threat kill chain is an attacker, based on these URIs of inbound web requests from known malicious Internet scanners?

    A. exploitation

    B. actions on objectives

    C. delivery

    D. reconnaissance

  • Question 119:

    Refer to the exhibit. How must these advisories be prioritized for handling?

    A. The highest priority for handling depends on the type of institution deploying the devices

    B. Vulnerability #2 is the highest priority for every type of institution

    C. Vulnerability #1 and vulnerability #2 have the same priority

    D. Vulnerability #1 is the highest priority for every type of institution

  • Question 120:

    Refer to the exhibit. Which two steps mitigate attacks on the webserver from the Internet? (Choose two.)

    A. Create an ACL on the firewall to allow only TLS 1.3

    B. Implement a proxy server in the DMZ network

    C. Create an ACL on the firewall to allow only external connections

    D. Move the webserver to the internal network

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-201 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.