200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
Questions 51-60 out of 258 questions
Question#51


Refer to the exhibit. Which event is occurring?

  • A. A binary named "submit" is running on VM cuckoo1.
  • B. A binary is being submitted to run on VM cuckoo1
  • C. A binary on VM cuckoo1 is being submitted for evaluation
  • D. A URL is being evaluated to see if it has a malicious binary
Answer: C

Question#52


Refer to the exhibit. In which Linux log file is this output found?

  • A. /var/log/authorization.log
  • B. /var/log/dmesg
  • C. var/log/var.log
  • D. /var/log/auth.log
Answer: D

Question#53

An engineer runs a suspicious file in a sandbox analysis tool to see the outcome. The analysis report shows that outbound callouts were made post infection.
Which two pieces of information from the analysis report are needed to investigate the callouts? (Choose two.)

  • A. signatures
  • B. host IP addresses
  • C. file size
  • D. dropped files
  • E. domain names
Answer: BE

Question#54

An analyst is exploring the functionality of different operating systems.
What is a feature of Windows Management Instrumentation that must be considered when deciding on an operating system?

  • A. queries Linux devices that have Microsoft Services for Linux installed
  • B. deploys Windows Operating Systems in an automated fashion
  • C. is an efficient tool for working with Active Directory
  • D. has a Common Information Model, which describes installed hardware and software
Answer: D

Question#55

What causes events on a Windows system to show Event Code 4625 in the log messages?

  • A. The system detected an XSS attack
  • B. Someone is trying a brute force attack on the network
  • C. Another device is gaining root access to the system
  • D. A privileged user successfully logged into the system
Answer: B

Question#56

One of the objectives of information security is to protect the CIA of information and systems.
What does CIA mean in this context?

  • A. confidentiality, identity, and authorization
  • B. confidentiality, integrity, and authorization
  • C. confidentiality, identity, and availability
  • D. confidentiality, integrity, and availability
Answer: D

Question#57

What is rule-based detection when compared to statistical detection?

  • A. proof of a user's identity
  • B. proof of a user's action
  • C. likelihood of user's action
  • D. falsification of a user's identity
Answer: B

Question#58

A user received a malicious attachment but did not run it.
Which category classifies the intrusion?

  • A. weaponization
  • B. reconnaissance
  • C. installation
  • D. delivery
Answer: D

Question#59

Which process is used when IPS events are removed to improve data integrity?

  • A. data availability
  • B. data normalization
  • C. data signature
  • D. data protection
Answer: B

Question#60

An analyst is investigating an incident in a SOC environment.
Which method is used to identify a session from a group of logs?

  • A. sequence numbers
  • B. IP identifier
  • C. 5-tuple
  • D. timestamps
Answer: C
