최신 200-201 무료덤프 - Cisco Understanding Cisco Cybersecurity Operations Fundamentals

문제1

Refer to the exhibit.
An engineer received an event log file to review. Which technology generated the log?

A. IDS/IPS

B. proxy

C. firewall

D. NetFlow

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제2

A security engineer must investigate a recent breach within the organization. An engineer noticed that a breached workstation is trying to connect to the domain "Ranso4730-mware92-647". which is known as malicious. In which step of the Cyber Kill Chain is this event?

A. Delivery

B. Action on objectives

C. reconnaissance

D. Vaporization

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제3

Which filter allows an engineer to filter traffic in Wireshark to further analyze the PCAP file by only showing the traffic for LAN 10.11.x.x, between workstations and servers without the Internet?

A. src=10.11.0.0/16 and dst=10.11.0.0/16

B. src==10.11.0.0/16 and dst==10.11.0.0/16

C. ip.src=10.11.0.0/16 and ip.dst=10.11.0.0/16

D. ip.src==10.11.0.0/16 and ip.dst==10.11.0.0/16

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제4

Which evasion technique is indicated when an intrusion detection system begins receiving an abnormally high volume of scanning from numerous sources?

A. resource exhaustion

B. tunneling

C. traffic fragmentation

D. timing attack

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제5

Refer to the exhibit.
A company employee is connecting to mail google.com from an endpoint device. The website is loaded but with an error. What is occurring?

A. DNS hijacking attack

B. man-m-the-middle attack

C. Endpoint local time is invalid.

D. Certificate is not in trusted roots.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제6

How can TOR impact data visibility inside an organization?

A. increases data integrity

B. no impact

C. decreases visibility

D. increases security

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제7

What is the difference between inline traffic interrogation and traffic mirroring?

A. Inline replicates the traffic to preserve integrity rather than modifying packets before sending them to other analysis tools.

B. Traffic mirroring results in faster traffic analysis and inline is considerably slower due to latency.

C. Inline interrogation is less complex as traffic mirroring applies additional tags to data.

D. Traffic mirroring copies the traffic rather than forwarding it directly to the analysis tools

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Which security model assumes an attacker within and outside of the network and enforces strict verification before connecting to any system or resource within the organization?

A. Zero Trust

B. Take-Grant

C. Biba

D. Object-capability

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Which attack method intercepts traffic on a switched network?

A. ARP cache poisoning

B. denial of service

C. command and control

D. DHCP snooping

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?

A. firewall event logs

B. syslog messages

C. full packet capture

D. NetFlow

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제11

Refer to the exhibit.
What is occurring?

A. ARP poisoning

B. ARP flood

C. DNS tunneling

D. DNS amplification

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제12

An engineer receives a security alert that traffic with a known TOR exit node has occurred on the network. What is the impact of this traffic?

A. users downloading copyrighted content

B. user circumvention of the firewall

C. data exfiltration

D. ransomware communicating after infection

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제13

An engineer is working on a ticket for an incident from the incident management team A week ago. an external web application was targeted by a DDoS attack Server resources were exhausted and after two hours it crashed. An engineer was able to identify the attacker and technique used Three hours after the attack, the server was restored and the engineer recommended implementing mitigation by Blackhole filtering and transferred the incident ticket back to the IR team According to NIST SP800-61, at which phase of the incident response did the engineer finish work?

A. post-incident activity

B. containment eradication and recovery

C. preparation

D. detection and analysis

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

최신 200-201 무료덤프 - Cisco Understanding Cisco Cybersecurity Operations Fundamentals

우리와 연락하기

유용한 링크

최신 업데이트