200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
Page 3 out of 26 pages Questions 21-30 out of 258 questions
Question#21

An engineer receives a security alert that traffic with a known TOR exit node has occurred on the network.
What is the impact of this traffic?

  • A. ransomware communicating after infection
  • B. users downloading copyrighted content
  • C. data exfiltration
  • D. user circumvention of the firewall
Answer: D

Question#22

What is an example of a social engineering attack?

  • A. receiving an unexpected email from an unknown person with an attachment from someone in the same company
  • B. receiving an email from human resources requesting a visit to their secure website to update contact information
  • C. sending a verbal request to an administrator who knows how to change an account password
  • D. receiving an invitation to the department's weekly WebEx meeting
Answer: B

Question#23


Refer to the exhibit. What is occurring in this network?

  • A. ARP cache poisoning
  • B. DNS cache poisoning
  • C. MAC address table overflow
  • D. MAC flooding attack
Answer: A

Question#24

Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?

  • A. syslog messages
  • B. full packet capture
  • C. NetFlow
  • D. firewall event logs
Answer: C

Question#25

Which action prevents buffer overflow attacks?

  • A. variable randomization
  • B. using web based applications
  • C. input validation
  • D. using a Linux operating system
Answer: C

Question#26

Which type of attack occurs when an attacker is successful in eavesdropping on a conversation between two IP phones?

  • A. known-plaintext
  • B. replay
  • C. dictionary
  • D. man-in-the-middle
Answer: D

Question#27


Refer to the exhibit. What should be interpreted from this packet capture?

  • A. 81.179.179.69 is sending a packet from port 80 to port 50272 of IP address 192.168.122.100 using UDP protocol.
  • B. 192.168.122.100 is sending a packet from port 50272 to port 80 of IP address 81.179.179.69 using TCP protocol.
  • C. 192.168.122.100 is sending a packet from port 80 to port 50272 of IP address 81.179.179.69 using UDP protocol.
  • D. 81.179.179.69 is sending a packet from port 50272 to port 80 of IP address 192.168.122.100 using TCP protocol.
Answer: B

Question#28

What are two characteristics of full packet captures? (Choose two.)

  • A. Identifying network loops and collision domains.
  • B. Troubleshooting the cause of security and performance issues.
  • C. Reassembling fragmented traffic from raw data.
  • D. Detecting common hardware faults and identifying faulty assets.
  • E. Providing a historical record of a network transaction.
Answer: CE

Question#29


Refer to the exhibit. An engineer is analyzing this Cuckoo Sandbox report for a PDF file that has been downloaded from an email. What is the state of this file?

  • A. The file has an embedded executable and was matched by PEiD threat signatures for further analysis.
  • B. The file has an embedded non-Windows executable but no suspicious features are identified.
  • C. The file has an embedded Windows 32 executable and the Yara field lists suspicious features for further analysis.
  • D. The file was matched by PEiD threat signatures but no suspicious features are identified since the signature list is up to date.
Answer: C

Question#30

DRAG DROP -
Drag and drop the technology on the left onto the data type the technology provides on the right.
Select and Place:


