ExamGecko
Login
Home / Cisco / 200-201 / List of questions
Ask Question

Cisco 200-201 Practice Test - Questions Answers, Page 17

List of questions

Question 161

Report Export Collapse

Refer to the exhibit.

Cisco 200-201 image Question 161 109338 10072024004349000000

Which type of attack is being executed?

SQL injection

SQL injection

cross-site scripting

cross-site scripting

cross-site request forgery

cross-site request forgery

command injection

command injection

Suggested answer: A
Explanation:

The exhibit shows a SQL query that is attempting to bypass login controls by modifying the query to always return true. This is a common tactic used in SQL injection attacks where malicious SQL statements are inserted into an entry field for execution.Reference:=Cisco Cybersecurity Source Documents

asked 07/10/2024
Noor Amy
44 questions

Question 162

Report Export Collapse

Which attack represents the evasion technique of resource exhaustion?

SQL injection

SQL injection

man-in-the-middle

man-in-the-middle

bluesnarfing

bluesnarfing

denial-of-service

denial-of-service

Suggested answer: D
Explanation:

A denial-of-service attack represents the evasion technique of resource exhaustion, where the attacker overwhelms a system's resources, making the system unusable and unable to handle legitimate requests.Reference:=Cisco Cybersecurity Source Documents

asked 07/10/2024
Thabo Sebola
45 questions

Question 163

Report Export Collapse

A threat actor penetrated an organization's network. Using the 5-tuple approach, which data points should the analyst use to isolate the compromised host in a grouped set of logs?

event name, log source, time, source IP, and host name

event name, log source, time, source IP, and host name

protocol, source IP, source port, destination IP, and destination port

protocol, source IP, source port, destination IP, and destination port

event name, log source, time, source IP, and username

event name, log source, time, source IP, and username

protocol, log source, source IP, destination IP, and host name

protocol, log source, source IP, destination IP, and host name

Suggested answer: B
Explanation:

The 5-tuple approach consists of protocol, source IP address, source port number, destination IP address, and destination port number to uniquely identify sessions between endpoints on a network.Reference:=Cisco Cybersecurity Source Documents

asked 07/10/2024
CATALIN FLORESCU
39 questions

Question 164

Report Export Collapse

Which event is a vishing attack?

obtaining disposed documents from an organization

obtaining disposed documents from an organization

using a vulnerability scanner on a corporate network

using a vulnerability scanner on a corporate network

setting up a rogue access point near a public hotspot

setting up a rogue access point near a public hotspot

impersonating a tech support agent during a phone call

impersonating a tech support agent during a phone call

Suggested answer: D
Explanation:

Vishing is an attack where fraudsters impersonate legitimate entities via phone calls to deceive individuals into providing sensitive information or performing actions that compromise security.Reference:=Cisco Cybersecurity Source Documents

asked 07/10/2024
Leila Bekirova
42 questions

Question 165

Report Export Collapse

What is indicated by an increase in IPv4 traffic carrying protocol 41 ?

Become a Premium Member for full access
  Unlock Premium Member

Question 166

Report Export Collapse

What is the impact of false positive alerts on business compared to true positive?

Become a Premium Member for full access
  Unlock Premium Member

Question 167

Report Export Collapse

An organization's security team has detected network spikes coming from the internal network. An investigation has concluded that the spike in traffic was from intensive network scanning How should the analyst collect the traffic to isolate the suspicious host?

Become a Premium Member for full access
  Unlock Premium Member

Question 168

Report Export Collapse

What is an incident response plan?

Become a Premium Member for full access
  Unlock Premium Member

Question 169

Report Export Collapse

An engineer is addressing a connectivity issue between two servers where the remote server is unable to establish a successful session. Initial checks show that the remote server is not receiving an SYN-ACK while establishing a session by sending the first SYN. What is causing this issue?

Become a Premium Member for full access
  Unlock Premium Member

Question 170

Report Export Collapse

A security incident occurred with the potential of impacting business services. Who performs the attack?

Become a Premium Member for full access
  Unlock Premium Member
Total 331 questions
Go to page: of 34
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. What should be interpreted from this packet capture?
An organization that develops high-end technology is going through an internal audit The organization uses two databases The main database stores patent information and a secondary database stores employee names and contact information A compliance team is asked to analyze the infrastructure and identify protected data Which two types of protected data should be identified? (Choose two)
Which security principle is violated by running all processes as root or administrator?
According to CVSS, what is a description of the attack vector score?
What is a difference between SIEM and SOAR?
Refer to the exhibit. What is the potential threat identified in this Stealthwatch dashboard?
DRAG DROP Drag and drop the technology on the left onto the data type the technology provides on the right.
What is a comparison between rule-based and statistical detection?
A SOC analyst detected connections to known C&C and port scanning activity to main HR database servers from one of the HR endpoints via Cisco StealthWatch. What are the two next steps of the SOC team according to the NISTSP800-61 incident handling process? (Choose two)
Refer to the exhibit. In which Linux log file is this output found?