18 July, 2021

All About High Value 200-201 Practice Question

It is more faster and easier to pass the Cisco 200-201 exam by using Vivid Cisco Understanding Cisco Cybersecurity Operations Fundamentals questuins and answers. Immediate access to the Abreast of the times 200-201 Exam and find the same core area 200-201 questions with professionally verified answers, then PASS your exam with a high score now.

Free demo questions for Cisco 200-201 Exam Dumps Below:

Page: 1 / 8

Total 98 questions Full Exam Access

Question 1

Which process is used when IPS events are removed to improve data integrity?

data availability

data normalization

data signature

data protection

Question 2

What is the difference between statistical detection and rule-based detection models?

Rule-based detection involves the collection of data in relation to the behavior of legitimate users over a period of time

Statistical detection defines legitimate data of users over a period of time and rule-based detection defines it on an IF/THEN basis

Statistical detection involves the evaluation of an object on its intended actions before it executes that behavior

Rule-based detection defines legitimate data of users over a period of time and statistical detection defines it on an IF/THEN basis

Question 3

How is attacking a vulnerability categorized?

action on objectives

delivery

exploitation

installation

Question 4

An engineer runs a suspicious file in a sandbox analysis tool to see the outcome. The analysis report shows that outbound callouts were made post infection.
Which two pieces of information from the analysis report are needed to investigate the callouts? (Choose two.)

signatures

host IP addresses

file size

dropped files

domain names

Question 5

What does cyber attribution identity in an investigation?

cause of an attack

exploit of an attack

vulnerabilities exploited

threat actors of an attack

Question 6

Which two elements are used for profiling a network? (Choose two.)

session duration

total throughput

running processes

listening ports

OS fingerprint

Question 7

An offline audit log contains the source IP address of a session suspected to have exploited a vulnerability resulting in system compromise.
Which kind of evidence is this IP address?

best evidence

corroborative evidence

indirect evidence

forensic evidence

Question 8

Which two elements are assets in the role of attribution in an investigation? (Choose two.)

context

session

laptop

firewall logs

threat actor

Question 9

Drag and drop the access control models from the left onto the correct descriptions on the right.
200-201 dumps exhibit

Solution:
200-201 dumps exhibit

Does this meet the goal?

Yes

Question 10

Which signature impacts network traffic by causing legitimate traffic to be blocked?

false negative

true positive

true negative

false positive

Question 11

Which piece of information is needed for attribution in an investigation?

proxy logs showing the source RFC 1918 IP addresses

RDP allowed from the Internet

known threat actor behavior

802.1x RADIUS authentication pass arid fail logs

Question 12

Which NIST IR category stakeholder is responsible for coordinating incident response among various business units, minimizing damage, and reporting to regulatory agencies?

CSIRT

PSIRT

public affairs

management

Question 13

Which artifact is used to uniquely identify a detected file?

file timestamp

file extension

file size

file hash

Question 14

What does an attacker use to determine which network ports are listening on a potential target device?

man-in-the-middle

port scanning

SQL injection

ping sweep

Question 15

Which event artifact is used to identify HTTP GET requests for a specific file?

destination IP address

URI

HTTP status code

TCP ACK

Question 16

Which evasion technique is a function of ransomware?

extended sleep calls

encryption

resource exhaustion

encoding

Question 17

An analyst received an alert on their desktop computer showing that an attack was successful on the host. After investigating, the analyst discovered that no mitigation action occurred during the attack. What is the reason for this discrepancy?

The computer has a HIPS installed on it.

The computer has a NIPS installed on it.

The computer has a HIDS installed on it.

The computer has a NIDS installed on it.

Question 18

What is personally identifiable information that must be safeguarded from unauthorized access?

date of birth

driver's license number

gender

zip code

Page: 1 / 8

Total 98 questions Full Exam Access