Cisco 200-201 Practice Test - Questions Answers, Page 27
List of questions
Question 261
Refer to the exhibit.
Which application-level protocol is being targeted?
Question 262
Which statement describes patch management?
Question 263
Refer to the exhibit.
An attacker gained initial access to the company's network and ran an Nmap scan to advance with the lateral movement technique and to search the sensitive data. Which two elements can an attacker identify from the scan? (Choose two.)
Question 264
Why should an engineer use a full packet capture to investigate a security breach?
Question 265
Refer to the exhibit.
Which technology produced the log?
Question 266
A SOC analyst detected connections to known C&C and port scanning activity to main HR database servers from one of the HR endpoints via Cisco StealthWatch. What are the two next steps of the SOC team according to the NIST SP 800-61 incident handling process? (Choose two.)
Question 267
Exhibit.
An engineer received a ticket about a slowdown of a web application. During analysis of traffic, the engineer suspects a possible attack on a web server. How should the engineer interpret the Wireshark traffic capture?
Question 268
Refer to the exhibit.
An attacker scanned the server using Nmap.
What did the attacker obtain from this scan?
Question 269
Which classification of cross-site scripting attack executes the payload without storing it for repeated use?
Question 270
An engineer received an alert affecting the degraded performance of a critical server. Analysis showed a heavy CPU and memory load. What is the next step the engineer should take to investigate this resource usage?
Question