Home/cisco/Free Cisco 350-201 Actual Exam Questions
Free Cisco 350-201 Actual Exam Questions
The questions for this exam were last updated on January 7, 2026
Dumps Box (DumpsBox) offers up-to-date practice exam questions for 350-201 certification exam which are developed and validated by Cisco subject domain experts certified in Cisco 350-201 . These practice questions are update regularly as we keep an eye on any recent changes in 350-201 syllabus, and when there is update our team quickly adjusts the questions. This commitment to providing the best quality exam prep material to certification aspirants is what makes DumpsBox.com the best certification exam prep website. On top of that, our strong, yet strictly moderated, community based feedback keeps the content clean and current. Each question has helpful community discussion that provides it extra perspective and introduces helpful resources for better exam preparation. This also saves students from other outdated practice questions or illicit exam dumps that can have adverse affects on career. Browse through our Cisco 350-201 exam questions and pass your exam on first try.
According to GDPR, what should be done with data to ensure its confidentiality, integrity, and availability?
Select one option, then reveal solution.
Question No. 2
A security incident affected an organization’s critical business services, and the customer-side web API became unresponsive and crashed. An investigation revealed a spike of API call requests and a high number of inactive sessions during the incident. Which two recommendations should the engineers make to prevent similar incidents in the future? (Choose two.)
Select all that apply, then reveal solution.
Question No. 3
An organization had an incident with the network availability during which devices unexpectedly malfunctioned. An engineer is investigating the incident and found that the memory pool buffer usage reached a peak before the malfunction. Which action should the engineer take to prevent this issue from reoccurring?
Select one option, then reveal solution.
Question No. 4
An organization installed a new application server for IP phones. An automated process fetched user credentials from the Active Directory server, and the application will have access to on-premises and cloud services. Which security threat should be mitigated first?
Select one option, then reveal solution.
Question No. 5
Refer to the exhibit. What is the threat in this Wireshark traffic capture?
Select one option, then reveal solution.
Question No. 6
What is a limitation of cyber security risk insurance?
Select one option, then reveal solution.
Question No. 7
A SIEM tool fires an alert about a VPN connection attempt from an unusual location. The incident response team validates that an attacker has installed a remote access tool on a user’s laptop while traveling. The attacker has the user’s credentials and is attempting to connect to the network. What is the next step in handling the incident?
Select one option, then reveal solution.
Question No. 8
An audit is assessing a small business that is selling automotive parts and diagnostic services. Due to increased customer demands, the company recently started to accept credit card payments and acquired a POS terminal. Which compliance regulations must the audit apply to the company?
Select one option, then reveal solution.
Question No. 9
What is the difference between process orchestration and automation?
Select one option, then reveal solution.
Question No. 10
An engineer is utilizing interactive behavior analysis to test malware in a sandbox environment to see how the malware performs when it is successfully executed. A location is secured to perform reverse engineering on a piece of malware. What is the next step the engineer should take to analyze this malware?
Select one option, then reveal solution.
Question No. 11
A company recently completed an internal audit and discovered that there is CSRF vulnerability in 20 of its hosted applications. Based on the audit, which recommendation should an engineer make for patching?
Select one option, then reveal solution.
Question No. 12
An engineer notices that every Sunday night, there is a two-hour period with a large load of network activity. Upon further investigation, the engineer finds that the activity is from locations around the globe outside the organization’s service are a. What are the next steps the engineer must take?
Select one option, then reveal solution.
Question No. 13
An employee abused PowerShell commands and script interpreters, which lead to an indicator of compromise (IOC) trigger. The IOC event shows that a known malicious file has been executed, and there is an increased likelihood of a breach. Which indicator generated this IOC event?
Select one option, then reveal solution.
Question No. 14Drag & Drop
DRAG DROP Drag and drop the actions below the image onto the boxes in the image for the actions that should be taken during this playbook step. Not all options are used.
Options
AUpdate IDS/IPS & Firewall
BReimage
CCollect Logs
DCategorize Incident
EIdentify Targeted Systems
FRequest Packet Capture
GRemove Temporary Containment
HDetermine Patch Methods
Drag an item to a target. Click × to remove.
Answer Area
Bucket 1
Drop item here
Bucket 2
Drop item here
Bucket 3
Drop item here
Question No. 15Drag & Drop
DRAG DROP An engineer notices that unauthorized software was installed on the network and discovers that it was installed by a dormant user account. The engineer suspects an escalation of privilege attack and responds to the incident. Drag and drop the activities from the left into the order for the response on the right.
