Cisco Performing CyberOps Using Core Security Technologies (CBRCOR) 350-201 Question # 17 Topic 2 Discussion

350-201 Exam Topic 2 Question 17 Discussion:

Question #: 17

Topic #: 2

A SOC engineer discovers that the organization had three DDOS attacks overnight. Four servers are reported offline, even though the hardware seems to be working as expected. One of the offline servers is affecting the pay system reporting times. Three employees, including executive management, have reported ransomware on their laptops. Which steps help the engineer understand a comprehensive overview of the incident?

Run and evaluate a full packet capture on the workloads, review SIEM logs, and define a root cause.

Run and evaluate a full packet capture on the workloads, review SIEM logs, and plan mitigation steps.

Check SOAR to learn what the security systems are reporting about the overnight events, research the attacks, and plan mitigation step.

Check SOAR to know what the security systems are reporting about the overnight events, review the threat vectors, and define a root cause.

Get Premium 350-201 Questions

Actual exam question for Cisco 350-201 exam by Solis7997 at Aug 2, 2025, 12:00:00 AM

Contribute your Thoughts:

Chosen Answer: A B C D
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Cisco Performing CyberOps Using Core Security Technologies (CBRCOR) 350-201 Question # 17 Topic 2 Discussion

Cisco Performing CyberOps Using Core Security Technologies (CBRCOR) 350-201 Question # 17 Topic 2 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Cisco Performing CyberOps Using Core Security Technologies (CBRCOR) 350-201 Question # 17 Topic 2 Discussion

Cisco Performing CyberOps Using Core Security Technologies (CBRCOR) 350-201 Question # 17 Topic 2 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval