Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Cisco
  5. 350-201

Cisco 350-201 Exam Questions
Performing CyberOps Using Core Security Technologies (CBRCOR) (Page 14 )

Updated On: 6-Apr-2026
Page 5 of 29
PDF with 139 Questions

A European-based advertisement company collects tracking information from partner websites and stores it on a local server to provide tailored ads. Which standard must the company follow to safeguard the resting data?

  1. HIPAA
  2. PCI-DSS
  3. Sarbanes-Oxley
  4. GDPR

Answer(s): D


Reference:

https://www.thesslstore.com/blog/10-data-privacy-and-encryption-laws-every-business-needs-to-know/



An organization had a breach due to a phishing attack. An engineer leads a team through the recovery phase of the incident response process. Which action should be taken during this phase?

  1. Host a discovery meeting and define configuration and policy updates
  2. Update the IDS/IPS signatures and reimage the affected hosts
  3. Identify the systems that have been affected and tools used to detect the attack
  4. Identify the traffic with data capture using Wireshark and review email filters

Answer(s): C



An engineer is going through vulnerability triage with company management because of a recent malware outbreak from which 21 affected assets need to be patched or remediated. Management decides not to prioritize fixing the assets and accepts the vulnerabilities. What is the next step the engineer should take?

  1. Investigate the vulnerability to prevent further spread
  2. Acknowledge the vulnerabilities and document the risk
  3. Apply vendor patches or available hot fixes
  4. Isolate the assets affected in a separate network

Answer(s): D



The incident response team receives information about the abnormal behavior of a host. A malicious file is found being executed from an external USB flash drive. The team collects and documents all the necessary evidence from the computing resource. What is the next step?

  1. Conduct a risk assessment of systems and applications
  2. Isolate the infected host from the rest of the subnet
  3. Install malware prevention software on the host
  4. Analyze network traffic on the host’s subnet

Answer(s): B



An engineer notices that unauthorized software was installed on the network and discovers that it was installed by a dormant user account. The engineer suspects an escalation of privilege attack and responds to the incident. Drag and drop the activities from the left into the order for the response on the right.

Select and Place:

Exhibit A:



Exhibit B:

  1. Please refer to Exhibit B for the answer.

Answer(s): A



Viewing page 14 of 29
Viewing questions 66 - 70 out of 139 questions



Post your Comments and Discuss Cisco 350-201 exam dumps with other Community members:

350-201 Exam Discussions & Posts

AI Tutor AI Tutor 👋 I’m here to help!