최신 200-201 무료덤프 - Cisco Understanding Cisco Cybersecurity Operations Fundamentals

문제1

A SOC analyst detected connections to known C&C and port scanning activity to main HR database servers from one of the HR endpoints via Cisco StealthWatch. What are the two next steps of the SOC team according to the NISTSP800-61 incident handling process? (Choose two)

A. Block connection to this C&C server on the perimeter next-generation firewall

B. Update antivirus signature databases on affected endpoints to block connections to C&C

C. Isolate affected endpoints and take disk images for analysis

D. Detect the attack vector and analyze C&C connections

E. Provide security awareness training to HR managers and employees

정답: A,C

설명: (DumpTOP 회원만 볼 수 있음)

문제2

What is the difference between vulnerability and risk?

A. A risk is a potential threat that an exploit applies to, and a vulnerability represents the threat itself

B. A vulnerability represents a flaw in a security that can be exploited, and the risk is the potential damage it might cause.

C. A risk is potential threat that adversaries use to infiltrate the network, and a vulnerability is an exploit

D. A vulnerability is a sum of possible malicious entry points, and a risk represents the possibility of the unauthorized entry itself.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제3

How is NetFlow different from traffic mirroring?

A. NetFlow collects metadata and traffic mirroring clones data.

B. Traffic mirroring costs less to operate than NetFlow.

C. NetFlow generates more data than traffic mirroring.

D. Traffic mirroring impacts switch performance and NetFlow does not.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제4

A user received a malicious attachment but did not run it. Which category classifies the intrusion?

A. weaponization

B. delivery

C. installation

D. reconnaissance

정답: B

문제5

Drag and drop the access control models from the left onto the correct descriptions on the right.

정답:

문제6

Refer to the exhibit.
Which stakeholders must be involved when a company workstation is compromised?

A. Employee 1 Employee 2, Employee 3, Employee 4, Employee 5, Employee 7

B. Employee 2, Employee 3, Employee 4, Employee 5

C. Employee 1, Employee 2, Employee 4, Employee 5

D. Employee 4, Employee 6, Employee 7

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제7

Which regex matches only on all lowercase letters?

A. a*z+

B. a-z+

C. [a-z]+

D. [^a-z]+

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제8

What makes HTTPS traffic difficult to monitor?

A. packet header size

B. encryption

C. SSL interception

D. signature detection time

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제9

A security analyst notices a sudden surge of incoming traffic and detects unknown packets from unknown senders After further investigation, the analyst learns that customers claim that they cannot access company servers According to NIST SP800-61, in which phase of the incident response process is the analyst?

A. post-incident activity

B. preparation

C. detection and analysis

D. containment, eradication, and recovery

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Which statement describes patch management?

A. process of appropriate distribution of system or software updates

B. scanning servers and workstations for missing patches and vulnerabilities

C. managing and keeping previous patches lists documented for audit purposes

D. workflow of distributing mitigations of newly found vulnerabilities

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제11

How does certificate authority impact a security system?

A. It authenticates client identity when requesting SSL certificate

B. It validates client identity when communicating with the server

C. It authenticates domain identity when requesting SSL certificate

D. It validates domain identity of a SSL certificate

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제12

What is a benefit of using asymmetric cryptography?

A. fast data transfer

B. secure data transfer

C. encrypts data with one key

D. decrypts data with one key

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제13

An engineer runs a suspicious file in a sandbox analysis tool to see the outcome. The analysis report shows that outbound callouts were made post infection.
Which two pieces of information from the analysis report are needed to investigate the callouts? (Choose two.)

A. file size

B. dropped files

C. domain names

D. signatures

E. host IP addresses

정답: C,E

설명: (DumpTOP 회원만 볼 수 있음)

최신 200-201 무료덤프 - Cisco Understanding Cisco Cybersecurity Operations Fundamentals

우리와 연락하기

유용한 링크

최신 업데이트