200-201 | All About Accurate 200-201 Questions Pool

It is impossible to pass the Cisco 200-201 exam in the short term without any help. Come to Exambible and find the most advanced, correct and guaranteed Cisco 200-201 practice questions. You will get a surprising result with our Understanding Cisco Cybersecurity Operations Fundamentals practice guides.

Cisco 200-201 Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
One of the objectives of information security is to protect the CIA of information and systems. What does CIA mean in this context?

  • A. confidentiality, identity, and authorization
  • B. confidentiality, integrity, and authorization
  • C. confidentiality, identity, and availability
  • D. confidentiality, integrity, and availability

Answer: D

NEW QUESTION 2
An engineer receives a security alert that traffic with a known TOR exit node has occurred on the network. What is the impact of this traffic?

  • A. ransomware communicating after infection
  • B. users downloading copyrighted content
  • C. data exfiltration
  • D. user circumvention of the firewall

Answer: D

NEW QUESTION 3
What should a security analyst consider when comparing inline traffic interrogation with traffic tapping to determine which approach to use in the network?

  • A. Tapping interrogation replicates signals to a separate port for analyzing traffic
  • B. Tapping interrogations detect and block malicious traffic
  • C. Inline interrogation enables viewing a copy of traffic to ensure traffic is in compliance with security policies
  • D. Inline interrogation detects malicious traffic but does not block the traffic

Answer: A

NEW QUESTION 4
What are two social engineering techniques? (Choose two.)

  • A. privilege escalation
  • B. DDoS attack
  • C. phishing
  • D. man-in-the-middle
  • E. pharming

Answer: CE

NEW QUESTION 5
Which two elements are used for profiling a network? (Choose two.)

  • A. total throughput
  • B. session duration
  • C. running processes
  • D. OS fingerprint
  • E. listening ports

Answer: DE

NEW QUESTION 6
What does an attacker use to determine which network ports are listening on a potential target device?

  • A. man-in-the-middle
  • B. port scanning
  • C. SQL injection
  • D. ping sweep

Answer: B

NEW QUESTION 7
Which action prevents buffer overflow attacks?

  • A. variable randomization
  • B. using web-based applications
  • C. input sanitization
  • D. using a Linux operating system

Answer: C

NEW QUESTION 8
Refer to the exhibit.
[Exhibit image not reproduced]
Which kind of attack method is depicted in this string?

  • A. cross-site scripting
  • B. man-in-the-middle
  • C. SQL injection
  • D. denial of service

Answer: A

NEW QUESTION 9
Refer to the exhibit.
[Exhibit image not reproduced]
What information is depicted?

  • A. IIS data
  • B. NetFlow data
  • C. network discovery event
  • D. IPS event data

Answer: B

NEW QUESTION 10
Which attack is the network vulnerable to when a stream cipher like RC4 is used twice with the same key?

  • A. forgery attack
  • B. plaintext-only attack
  • C. ciphertext-only attack
  • D. meet-in-the-middle attack

Answer: C

NEW QUESTION 11
Refer to the exhibit.
[Exhibit image not reproduced]
In which Linux log file is this output found?

  • A. /var/log/authorization.log
  • B. /var/log/dmesg
  • C. var/log/var.log
  • D. /var/log/auth.log

Answer: D

NEW QUESTION 12
An intruder attempted malicious activity and exchanged emails with a user and received corporate information, including email distribution lists. The intruder asked the user to engage with a link in an email. When the link launched, it infected machines and the intruder was able to access the corporate network.
Which testing method did the intruder use?

  • A. social engineering
  • B. eavesdropping
  • C. piggybacking
  • D. tailgating

Answer: A

NEW QUESTION 13
What are two differences in how tampered and untampered disk images affect a security incident? (Choose two.)

  • A. Untampered images are used in the security investigation process
  • B. Tampered images are used in the security investigation process
  • C. The image is tampered if the stored hash and the computed hash match
  • D. Tampered images are used in the incident recovery process
  • E. The image is untampered if the stored hash and the computed hash match

Answer: BE

NEW QUESTION 14
An analyst received an alert on their desktop computer showing that an attack was successful on the host. After investigating, the analyst discovered that no mitigation action occurred during the attack. What is the reason for this discrepancy?

  • A. The computer has a HIPS installed on it.
  • B. The computer has a NIPS installed on it.
  • C. The computer has a HIDS installed on it.
  • D. The computer has a NIDS installed on it.

Answer: C

NEW QUESTION 15
A security engineer deploys an enterprise-wide host/endpoint technology for all of the company's corporate PCs. Management requests the engineer to block a selected set of applications on all PCs.
Which technology should be used to accomplish this task?

  • A. application whitelisting/blacklisting
  • B. network NGFW
  • C. host-based IDS
  • D. antivirus/antispyware software

Answer: A

NEW QUESTION 16
What is the difference between the ACK flag and the RST flag in the NetFlow log session?

  • A. The RST flag confirms the beginning of the TCP connection, and the ACK flag responds when the data for the payload is complete
  • B. The ACK flag confirms the beginning of the TCP connection, and the RST flag responds when the data for the payload is complete
  • C. The RST flag confirms the receipt of the prior segment, and the ACK flag allows for the spontaneous termination of a connection
  • D. The ACK flag confirms the receipt of the prior segment, and the RST flag allows for the spontaneous termination of a connection

Answer: D

NEW QUESTION 17
An offline audit log contains the source IP address of a session suspected to have exploited a vulnerability resulting in system compromise.
Which kind of evidence is this IP address?

  • A. best evidence
  • B. corroborative evidence
  • C. indirect evidence
  • D. forensic evidence

Answer: B

NEW QUESTION 18
At which layer is deep packet inspection investigated on a firewall?

  • A. internet
  • B. transport
  • C. application
  • D. data link

Answer: C
