1. Home
  2. Cisco
  3. 350-201

Performing CyberOps Using Cisco Security Technologies (CBRCOR)

Exam Details

  • Exam Code
    :350-201
  • Exam Name
    :Performing CyberOps Using Cisco Security Technologies (CBRCOR)
  • Certification
    :CyberOps Professional
  • Vendor
    :Cisco
  • Total Questions
    :139 Q&As
  • Last Updated
    :Mar 26, 2025

Cisco CyberOps Professional 350-201 Questions & Answers

  • Question 51:

    What is a limitation of cyber security risk insurance?

    A. It does not cover the costs to restore stolen identities as a result of a cyber attack

    B. It does not cover the costs to hire forensics experts to analyze the cyber attack

    C. It does not cover the costs of damage done by third parties as a result of a cyber attack

    D. It does not cover the costs to hire a public relations company to help deal with a cyber attack

  • Question 52:

    An engineer returned to work and realized that payments that were received over the weekend were sent to the wrong recipient. The engineer discovered that the SaaS tool that processes these payments was down over the weekend. Which step should the engineer take first?

    A. Utilize the SaaS tool team to gather more information on the potential breach

    B. Contact the incident response team to inform them of a potential breach

    C. Organize a meeting to discuss the services that may be affected

    D. Request that the purchasing department creates and sends the payments manually

  • Question 53:

    Refer to the exhibit. How are tokens authenticated when the REST API on a device is accessed from a REST API client?

    A. The token is obtained by providing a password. The REST client requests access to a resource using the access token. The REST API validates the access token and gives access to the resource.

    B. The token is obtained by providing a password. The REST API requests access to a resource using the access token, validates the access token, and gives access to the resource.

    C. The token is obtained before providing a password. The REST API provides resource access, refreshes tokens, and returns them to the REST client. The REST client requests access to a resource using the access token.

    D. The token is obtained before providing a password. The REST client provides access to a resource using the access token. The REST API encrypts the access token and gives access to the resource.

  • Question 54:

    Refer to the exhibit. Where are the browser page rendering permissions displayed?

    A. x-frame-options

    B. x-xss-protection

    C. x-content-type-options

    D. x-test-debug

  • Question 55:

    An engineer is utilizing interactive behavior analysis to test malware in a sandbox environment to see how the malware performs when it is successfully executed. A location is secured to perform reverse engineering on a piece of malware. What is the next step the engineer should take to analyze this malware?

    A. Run the program through a debugger to see the sequential actions

    B. Unpack the file in a sandbox to see how it reacts

    C. Research the malware online to see if there are noted findings

    D. Disassemble the malware to understand how it was constructed

  • Question 56:

    Employees report computer system crashes within the same week. An analyst is investigating one of the computers that crashed and discovers multiple shortcuts in the system's startup folder. It appears that the shortcuts redirect users to malicious URLs.

    What is the next step the engineer should take to investigate this case?

    A. Remove the shortcut files

    B. Check the audit logs

    C. Identify affected systems

    D. Investigate the malicious URLs

  • Question 57:

    An engineer has created a bash script to automate a complicated process. During script execution, this error occurs: permission denied. Which command must be added to execute this script?

    A. chmod +x ex.sh

    B. source ex.sh

    C. chroot ex.sh

    D. sh ex.sh

  • Question 58:

    An engineer is investigating several cases of increased incoming spam emails and suspicious emails from the HR and service departments. While checking the event sources, the website monitoring tool showed several web scraping alerts overnight.

    Which type of compromise is indicated?

    A. phishing

    B. dumpster diving

    C. social engineering

    D. privilege escalation

  • Question 59:

    Refer to the exhibit. What is occurring in this packet capture?

    A. TCP port scan

    B. TCP flood

    C. DNS flood

    D. DNS tunneling

  • Question 60:

    Refer to the exhibit. What is the threat in this Wireshark traffic capture?

    A. A high rate of SYN packets being sent from multiple sources toward a single destination IP

    B. A flood of ACK packets coming from a single source IP to multiple destination IPs

    C. A high rate of SYN packets being sent from a single source IP toward multiple destination IPs

    D. A flood of SYN packets coming from a single source IP to a single destination IP

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-201 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.