Cisco 200-201 Practice Test - Questions Answers, Page 10

Cisco Application Visibility and Control (AVC) provides features like metrics collection and exporting (D) for visibility on TCP bandwidth usage, response time, and latency. Application recognition (E) combined with deep packet inspection helps in identifying unknown software by its network traffic flow.Reference:=Cisco CyberOps Associate - Module 2: Security Concepts

SSL Certificate guarantees the integrity and authenticity of all messages transferred to and from a web application. It encrypts the data transferred between the user's browser and the website, ensuring that all data passed between them remains private and integral.Reference:=Cisco CyberOps Engineer - Module 3: Secure Communications

The unauthorized usage of ''Tcpdump'' tool indicates that the malicious insider was attempting to obtain all information within datagrams passing through a specific interface on the network. Tcpdump allows users to capture packet data from a live network or read packets from a previously saved capture file.Reference:=Cisco CyberOps - Module 3: Network Data and Event Analysis

Social engineering is the practice of manipulating or deceiving people into performing actions or divulging information that can compromise the security of the organization. Asking questions about the company's user account format and password complexity at a party is an example of social engineering, as the guest may be trying to gather information that can be used to launch a cyberattack.Reference:= Cisco Cybersecurity Operations Fundamentals - Module 6: Security Incident Investigations

Full packet capture data involves storing the entire content of packets that traverse a network. This type of data is comprehensive and allows for detailed analysis but requires a significant amount of storage space compared to other data types like transaction, statistical, or session data.Reference:=Cisco Cybersecurity Operations Fundamentals - Module 3: Network Data and Event Analysis

Ping of Death involves sending oversized or malformed pings to crash the target system, while UDP flooding overwhelms the target with UDP packets to consume its resources and disrupt services. These are both examples of denial of service attacks, which aim to prevent legitimate users from accessing a system or service.Reference:=Cisco Cybersecurity Operations Fundamentals - Module 4: Network Intrusion Analysis

The -sP option in Nmap is used for host discovery without port scanning, which helps in identifying live hosts without triggering portscan alerts on IDS devices. It sends an ICMP echo request, a TCP SYN packet to port 443, a TCP ACK packet to port 80, and an ICMP timestamp request to each target IP address and waits for a response. Any responses are considered as indications of a live host.Reference:=Cisco Cybersecurity Operations Fundamentals - Module 5: Endpoint Threat Analysis and Computer Forensics

: Indirect evidence is evidence that does not directly prove a fact, but rather implies or infers it from other facts or circumstances. Indirect evidence is also known as circumstantial evidence or corroborating evidence. A video of a suspect entering a data center that was captured on the same day that files in the same data center were transferred to a competitor is an example of indirect evidence, because it does not directly show that the suspect was involved in the file transfer, but rather suggests a possible connection or correlation between the two events.Reference:= Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) v1.0, Module 5: Security Policies and Procedures, Lesson 5.3: Digital Forensics, Topic 5.3.1: Evidence, page 5-24.