최신 200-201 무료덤프 - Cisco Understanding Cisco Cybersecurity Operations Fundamentals

문제1

A system administrator is ensuring that specific registry information is accurate.
Which type of configuration information does the HKEY_LOCAL_MACHINE hive contain?

A. file extension associations

B. hardware, software, and security settings for the system

C. all users on the system, including visual settings

D. currently logged in users, including folders and control panel settings

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제2

An engineer is working with the compliance teams to identify the data passing through the network. During analysis, the engineer informs the compliance team that external penmeter data flows contain records, writings, and artwork Internal segregated network flows contain the customer choices by gender, addresses, and product preferences by age. The engineer must identify protected data. Which two types of data must be identified'? (Choose two.)

A. PHI

B. PII

C. copyright

D. SOX

E. PCI

정답: A,B

설명: (DumpTOP 회원만 볼 수 있음)

문제3

How can TOR impact data visibility inside an organization?

A. increases data integrity

B. no impact

C. decreases visibility

D. increases security

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제4

What is the dataflow set in the NetFlow flow-record format?

A. Dataflow set is a collection of binary patterns

B. Dataflow set is a collection of HEX records.

C. Dataflow set is a collection of data records.

D. Dataflow set provides basic information about the packet such as the NetFlow version

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제5

Which security model assumes an attacker within and outside of the network and enforces strict verification before connecting to any system or resource within the organization?

A. Zero Trust

B. Take-Grant

C. Biba

D. Object-capability

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Which evasion method involves performing actions slower than normal to prevent detection?

A. resource exhaustion

B. tunneling

C. traffic fragmentation

D. timing attack

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제7

Drag and drop the definition from the left onto the phase on the right to classify intrusion events according to the Cyber Kill Chain model.

정답:

Explanation:
Delivery: This step involves transmitting the weapon to the target.
Weaponization: In this step, the intruder creates a malware weapon like a virus, worm or such in order to exploit the vulnerabilities of the target. Depending on the target and thepurpose of the attacker, this malware can exploit new, undetected vulnerabilities (also known as the zero-day exploits) or it can focus on a combination of different vulnerabilities.
Reconnaissance: In this step, the attacker / intruder chooses their target. Then they conduct an in-depth research on this target to identify its vulnerabilities that can be exploited.

문제8

A large load of data is being transferred to an external destination via UDP 53 port. Which obfuscation technique is used?

A. data masking

B. proxied traffic

C. C&C connection

D. DNS tunneling

정답: D

문제9

An analyst is investigating an incident in a SOC environment. Which method is used to identify a session from a group of logs?

A. 5-tuple

B. sequence numbers

C. IP identifier

D. timestamps

정답: A

문제10

Which type of evasion technique is accomplished by separating the traffic into smaller segments before transmitting across the network?

A. fragmentation

B. proxies

C. tunneling

D. encryption

정답: A

문제11

What is the difference between vulnerability and risk?

A. A risk is a potential threat that an exploit applies to, and a vulnerability represents the threat itself

B. A vulnerability represents a flaw in a security that can be exploited, and the risk is the potential damage it might cause.

C. A risk is potential threat that adversaries use to infiltrate the network, and a vulnerability is an exploit

D. A vulnerability is a sum of possible malicious entry points, and a risk represents the possibility of the unauthorized entry itself.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제12

An engineer needs to discover alive hosts within the 192.168.1.0/24 range without triggering intrusive portscan alerts on the IDS device using Nmap. Which command will accomplish this goal?

A. nmap -sL 192.168.1.0/24

B. nmap -sV 192.168.1.0/24

C. nmap --top-ports 192.168.1.0/24

D. nmap -sP 192.168.1.0/24

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제13

What describes the impact of false-positive alerts compared to false-negative alerts?

A. A false positive is an event alerting for a brute-force attack An engineer investigates the alert and discovers that a legitimate user entered the wrong credential several times A false negative is when a threat actor tries to brute-force attack a system and no alert is raised.

B. A false positive is an event alerting for an SQL injection attack An engineer investigates the alert and discovers that an attack attempt was blocked by IPS A false negative is when the attack gets detected but succeeds and results in a breach.

C. A false negative is a legitimate attack triggering a brute-force alert. An engineer investigates the alert and finds out someone intended to break into the system A false positive is when no alert and no attack is occurring

D. A false negative is alerting for an XSS attack. An engineer investigates the alert and discovers that an XSS attack happened A false positive is when an XSS attack happens and no alert is raised

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제14

Refer to the exhibit.

A security analyst is investigating unusual activity from an unknown IP address Which type of evidence is this file1?

A. direct evidence

B. corroborative evidence

C. indirect evidence

D. best evidence

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제15

What is a difference between inline traffic interrogation and traffic mirroring?

A. Traffic mirroring passes live traffic to a tool for blocking

B. Inline traffic copies packets for analysis and security

C. Inline inspection acts on the original traffic data flow

D. Traffic mirroring inspects live traffic for analysis and mitigation

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

최신 200-201 무료덤프 - Cisco Understanding Cisco Cybersecurity Operations Fundamentals

우리와 연락하기

유용한 링크

최신 업데이트