ExamGecko
Login
Home / Cisco / 200-201 / List of questions
Ask Question

Cisco 200-201 Practice Test - Questions Answers, Page 24

List of questions

Question 231

Report Export Collapse

When an event is investigated, which type of data provides the investigate capability to determine if data exfiltration has occurred?

Become a Premium Member for full access
  Unlock Premium Member

Question 232

Report Export Collapse

What is the difference between deep packet inspection and stateful inspection?

Become a Premium Member for full access
  Unlock Premium Member

Question 233

Report Export Collapse

What is obtained using NetFlow?

Become a Premium Member for full access
  Unlock Premium Member

Question 234

Report Export Collapse

How does statistical detection differ from rule-based detection?

Become a Premium Member for full access
  Unlock Premium Member

Question 235

Report Export Collapse

Refer to the exhibit.

Cisco 200-201 image Question 235 109412 10072024004349000000

What must be interpreted from this packet capture?

Become a Premium Member for full access
  Unlock Premium Member

Question 236

Report Export Collapse

Refer to the exhibit.

Cisco 200-201 image Question 236 109413 10072024004349000000

Which field contains DNS header information if the payload is a query or a response?

Become a Premium Member for full access
  Unlock Premium Member

Question 237

Report Export Collapse

Refer to the exhibit.

Cisco 200-201 image Question 237 109414 10072024004349000000

What is occurring?

Become a Premium Member for full access
  Unlock Premium Member

Question 238

Report Export Collapse

What is the difference between vulnerability and risk?

Become a Premium Member for full access
  Unlock Premium Member

Question 239

Report Export Collapse

An engineer received a flood of phishing emails from HR with the source address HRjacobm@companycom. What is the threat actor in this scenario?

Become a Premium Member for full access
  Unlock Premium Member

Question 240

Report Export Collapse

Refer to the exhibit.

Cisco 200-201 image Question 240 109417 10072024004349000000

A security analyst is investigating unusual activity from an unknown IP address Which type of evidence is this file1?

Become a Premium Member for full access
  Unlock Premium Member
Total 331 questions
Go to page: of 34
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. What should be interpreted from this packet capture?
An organization that develops high-end technology is going through an internal audit The organization uses two databases The main database stores patent information and a secondary database stores employee names and contact information A compliance team is asked to analyze the infrastructure and identify protected data Which two types of protected data should be identified? (Choose two)
Which security principle is violated by running all processes as root or administrator?
According to CVSS, what is a description of the attack vector score?
What is a difference between SIEM and SOAR?
Refer to the exhibit. What is the potential threat identified in this Stealthwatch dashboard?
DRAG DROP Drag and drop the technology on the left onto the data type the technology provides on the right.
What is a comparison between rule-based and statistical detection?
A SOC analyst detected connections to known C&C and port scanning activity to main HR database servers from one of the HR endpoints via Cisco StealthWatch. What are the two next steps of the SOC team according to the NISTSP800-61 incident handling process? (Choose two)
Refer to the exhibit. In which Linux log file is this output found?