ExamGecko
Login
Home / Cisco / 200-201 / List of questions
Ask Question

Cisco 200-201 Practice Test - Questions Answers, Page 19

List of questions

Question 181

Report Export Collapse

Which of these describes SOC metrics in relation to security incidents?

Become a Premium Member for full access
  Unlock Premium Member

Question 182

Report Export Collapse

What is the difference between the ACK flag and the RST flag?

Become a Premium Member for full access
  Unlock Premium Member

Question 183

Report Export Collapse

Refer to the exhibit.

Cisco 200-201 image Question 183 109360 10072024004349000000

An engineer is analyzing a PCAP file after a recent breach An engineer identified that the attacker used an aggressive ARP scan to scan the hosts and found web and SSH servers. Further analysis showed several SSH Server Banner and Key Exchange Initiations. The engineer cannot see the exact data being transmitted over an encrypted channel and cannot identify how the attacker gained access How did the attacker gain access?

Become a Premium Member for full access
  Unlock Premium Member

Question 184

Report Export Collapse

Refer to the exhibit.

Cisco 200-201 image Question 184 109361 10072024004349000000

What is occurring within the exhibit?

Become a Premium Member for full access
  Unlock Premium Member

Question 185

Report Export Collapse

Refer to the exhibit.

Cisco 200-201 image Question 185 109362 10072024004349000000

Which component is identifiable in this exhibit?

Become a Premium Member for full access
  Unlock Premium Member

Question 186

Report Export Collapse

An engineer received an alert affecting the degraded performance of a critical server. Analysis showed a heavy CPU and memory load. What is the next step the engineer should take to investigate this resource usage?

Become a Premium Member for full access
  Unlock Premium Member

Question 187

Report Export Collapse

What is a difference between an inline and a tap mode traffic monitoring?

Become a Premium Member for full access
  Unlock Premium Member

Question 188

Report Export Collapse

Which regular expression is needed to capture the IP address 192.168.20.232?

Become a Premium Member for full access
  Unlock Premium Member

Question 189

Report Export Collapse

How does a certificate authority impact security?

Become a Premium Member for full access
  Unlock Premium Member

Question 190

Report Export Collapse

What is a difference between SIEM and SOAR?

Become a Premium Member for full access
  Unlock Premium Member
Total 331 questions
Go to page: of 34
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. What should be interpreted from this packet capture?
An organization that develops high-end technology is going through an internal audit The organization uses two databases The main database stores patent information and a secondary database stores employee names and contact information A compliance team is asked to analyze the infrastructure and identify protected data Which two types of protected data should be identified? (Choose two)
Which security principle is violated by running all processes as root or administrator?
According to CVSS, what is a description of the attack vector score?
What is a difference between SIEM and SOAR?
Refer to the exhibit. What is the potential threat identified in this Stealthwatch dashboard?
DRAG DROP Drag and drop the technology on the left onto the data type the technology provides on the right.
What is a comparison between rule-based and statistical detection?
A SOC analyst detected connections to known C&C and port scanning activity to main HR database servers from one of the HR endpoints via Cisco StealthWatch. What are the two next steps of the SOC team according to the NISTSP800-61 incident handling process? (Choose two)
Refer to the exhibit. In which Linux log file is this output found?