Free Access Cisco.350-201.v2024-10-08.q108 Practice Test (Page 7)

Question 26

Refer to the exhibit.

Cisco Rapid Threat Containment using Cisco Secure Network Analytics (Stealthwatch) and ISE detects the threat of malware-infected 802.1x authenticated endpoints and places that endpoint into a Quarantine VLAN using Adaptive Network Control policy. Which telemetry feeds were correlated with SMC to identify the malware?

A.NetFlow and event data

B.event data and syslog data

C.SNMP and syslog data

D.NetFlow and SNMP

Question 27

An engineer wants to review the packet overviews of SNORT alerts. When printing the SNORT alerts, all the packet headers are included, and the file is too large to utilize. Which action is needed to correct this problem?

A.Modify the alert rule to "output alert_syslog: output log"

B.Modify the output module rule to "output alert_quick: output filename"

C.Modify the alert rule to "output alert_syslog: output header"

D.Modify the output module rule to "output alert_fast: output filename"

Question 28

Refer to the exhibit. An engineer is analyzing this Vlan0392-int12-239.pcap file in Wireshark after detecting a suspicious network activity. The origin header for the direct IP connections in the packets was initiated by a google chrome extension on a WebSocket protocol. The engineer checked message payloads to determine what information was being sent off-site but the payloads are obfuscated and unreadable. What does this STIX indicate?

A.The extension is not performing as intended because of restrictions since ports 80 and 443 should be accessible

B.The traffic is legitimate as the google chrome extension is reaching out to check for updates and fetches this information

C.There is a malware that is communicating via encrypted channels to the command and control server

D.There is a possible data leak because payloads should be encoded as UTF-8 text

Question 29

Refer to the exhibit. What is the connection status of the ICMP event?

A.blocked by a configured access policy rule

B.allowed by a configured access policy rule

C.blocked by an intrusion policy rule

D.allowed in the default action

Question 30

A company recently started accepting credit card payments in their local warehouses and is undergoing a PCI audit. Based on business requirements, the company needs to store sensitive authentication data for 45 days.
How must data be stored for compliance?

A.post-authorization by non-issuing entities if there is a documented business justification

B.by entities that issue the payment cards or that perform support issuing services

C.post-authorization by non-issuing entities if the data is encrypted and securely stored

D.by issuers and issuer processors if there is a legitimate reason

Other Version: 1384Cisco.350-201.v2023-04-04.q66; 1645Cisco.350-201.v2022-11-05.q67; 1970Cisco.350-201.v2022-08-24.q70; 1813Cisco.350-201.v2022-03-01.q65; 56Cisco.Prepawaypdf.350-201.v2021-12-18.by.heather.67q.pdf

Latest Upload: 202PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 299Nokia.4A0-113.v2026-05-01.q69; 255EC-COUNCIL.312-49v11.v2026-04-30.q214; 228Microsoft.MB-820.v2026-04-30.q101; 211Salesforce.MC-202.v2026-04-30.q57; 206BICSI.INSTC_V8.v2026-04-29.q53; 335NMLS.MLO.v2026-04-28.q82; 243NCARB.Project-Management.v2026-04-28.q27; 462EMC.D-AV-DY-23.v2026-04-27.q184; 1116ServiceNow.CSA.v2026-04-27.q483

Question 26

Question 27

Question 28

Question 29

Question 30

Download PDF File