200-201 | ExamData

Question#1

Which event is user interaction?

A. gaining root access
B. executing remote code
C. reading and writing file permission
D. opening a malicious file

Discover Answer

D

Question#2

Which security principle requires more than one person is required to perform a critical task?

A. least privilege
B. need to know
C. separation of duties
D. due diligence

Discover Answer

C

Question#3

How is attacking a vulnerability categorized?

A. action on objectives
B. delivery
C. exploitation
D. installation

Discover Answer

C

Question#4

What is a benefit of agent-based protection when compared to agentless protection?

A. It lowers maintenance costs
B. It provides a centralized platform
C. It collects and detects all traffic locally
D. It manages numerous devices simultaneously

Discover Answer

B

Question#5

Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?

A. decision making
B. rapid response
C. data mining
D. due diligence

Discover Answer

A

Question#6

What is a difference between SIEM and SOAR?

A. SIEM predicts and prevents security alerts, while SOAR checks attack patterns and applies the mitigation.
B. SIEM's primary function is to collect and detect anomalies, while SOAR is more focused on security operations automation and response.
C. SOAR's primary function is to collect and detect anomalies, while SIEM is more focused on security operations automation and response.
D. SOAR predicts and prevents security alerts, while SIEM checks attack patterns and applies the mitigation.

Discover Answer

B
Reference:
https://www.cisco.com/c/en/us/products/security/what-is-a-security-platform.html

Question#7

What is vulnerability management?

A. A process to identify and remediate existing weaknesses.
B. A process to recover from service interruptions and restore business-critical applications.
C. A security practice of performing actions rather than acknowledging the threats.
D. A security practice focused on clarifying and narrowing intrusion points.

Discover Answer

A
Reference:
https://www.brinqa.com/vulnerability-management-primer-part-2-challenges/

Question#8

What is a difference between signature-based and behavior-based detection?

A. Signature-based identifies behaviors that may be linked to attacks, while behavior-based has a predefined set of rules to match before an alert.
B. Behavior-based identifies behaviors that may be linked to attacks, while signature-based has a predefined set of rules to match before an alert.
C. Behavior-based uses a known vulnerability database, while signature-based intelligently summarizes existing data.
D. Signature-based uses a known vulnerability database, while behavior-based intelligently summarizes existing data.

Discover Answer

D
Reference:
https://accedian.com/blog/what-is-the-difference-between-signature-based-and-behavior-based-ids/

Question#9

When communicating via TLS, the client initiates the handshake to the server and the server responds back with its certificate for identification.
Which information is available on the server certificate?

A. server name, trusted subordinate CA, and private key
B. trusted subordinate CA, public key, and cipher suites
C. trusted CA name, cipher suites, and private key
D. server name, trusted CA, and public key

Discover Answer

D

Question#10

How does an SSL certificate impact security between the client and the server?

A. by enabling an authenticated channel between the client and the server
B. by creating an integrated channel between the client and the server
C. by enabling an authorized channel between the client and the server
D. by creating an encrypted channel between the client and the server

Discover Answer

D