Cisco 200-201 Practice Test - Questions Answers, Page 3
Question 21

How is attacking a vulnerability categorized?
action on objectives
delivery
exploitation
installation
Attacking a vulnerability is categorized as exploitation, which is the third phase of the cyberattack lifecycle. Exploitation is the process of taking advantage of a vulnerability in a system, application, or network to gain access, escalate privileges, or execute commands. Action on objectives, delivery, and installation are other phases of the cyberattack lifecycle, but they do not involve attacking a vulnerability. Action on objectives is the final phase, where the attacker achieves their goal, such as stealing data, disrupting services, or destroying assets. Delivery is the second phase, where the attacker delivers the malicious payload, such as malware, a phishing email, or a malicious link, to the target. Installation is the fourth phase, where the attacker installs the malicious payload on the compromised system or network to maintain persistence or spread laterally.
Reference: What is a Cyberattack? | IBM; Recognizing the seven stages of a cyber-attack - DNV
Question 22

What is a benefit of agent-based protection when compared to agentless protection?
It lowers maintenance costs
It provides a centralized platform
It collects and detects all traffic locally
It manages numerous devices simultaneously
Agent-based protection is a type of endpoint security that uses software agents installed on the devices to monitor and protect them. Agent-based protection can collect and detect all traffic locally, which means it can operate without relying on a network connection or a centralized server. Agent-based protection can also provide more granular and comprehensive visibility and control over the devices.
Reference: https://learningnetworkstore.cisco.com/on-demand-e-learning/understanding-cisco-cybersecurity-operations-fundamentals-cbrops-v1.0/CSCU-LP-CBROPS-V1-028093.html (Module 2: Security Concepts, Lesson 2.3: Endpoint Security)
Question 23

Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?
decision making
rapid response
data mining
due diligence
Decision making is a principle that guides an analyst to gather information relevant to a security incident to determine the appropriate course of action. Decision making involves identifying the problem, defining the criteria, analyzing the alternatives, and choosing the best solution. Decision making helps an analyst respond to an incident effectively and efficiently, while minimizing the impact and risk to the organization.
Reference: https://learningnetworkstore.cisco.com/on-demand-e-learning/understanding-cisco-cybersecurity-operations-fundamentals-cbrops-v1.0/CSCU-LP-CBROPS-V1-028093.html (Module 3: Security Monitoring, Lesson 3.1: Security Operations Center)
Question 24

One of the objectives of information security is to protect the CIA of information and systems. What does CIA mean in this context?
confidentiality, identity, and authorization
confidentiality, integrity, and authorization
confidentiality, identity, and availability
confidentiality, integrity, and availability
CIA stands for confidentiality, integrity, and availability, which are the three main objectives of information security. Confidentiality means protecting the information from unauthorized access or disclosure. Integrity means ensuring the information is accurate and consistent, and preventing unauthorized modification or deletion. Availability means ensuring the information and systems are accessible and usable by authorized users when needed.
Reference: https://learningnetworkstore.cisco.com/on-demand-e-learning/understanding-cisco-cybersecurity-operations-fundamentals-cbrops-v1.0/CSCU-LP-CBROPS-V1-028093.html (Module 2: Security Concepts, Lesson 2.1: Security Principles)
Question 25

What is rule-based detection when compared to statistical detection?
proof of a user's identity
proof of a user's action
likelihood of user's action
falsification of a user's identity
Rule-based detection is a type of intrusion detection system (IDS) that uses predefined rules or signatures to identify malicious or suspicious activity. Rule-based detection can provide proof of a user's action, such as an attempt to exploit a known vulnerability or execute a malicious command. Rule-based detection can also provide a high level of accuracy and specificity, but it requires constant updates and maintenance of the rules or signatures.
Reference: https://learningnetworkstore.cisco.com/on-demand-e-learning/understanding-cisco-cybersecurity-operations-fundamentals-cbrops-v1.0/CSCU-LP-CBROPS-V1-028093.html (Module 4: Attack Methods, Lesson 4.2: Attack Techniques)
Question 26

A user received a malicious attachment but did not run it. Which category classifies the intrusion?
weaponization
reconnaissance
installation
delivery
Question 27

Which process is used when IPS events are removed to improve data integrity?
data availability
data normalization
data signature
data protection
Question 28

An analyst is investigating an incident in a SOC environment. Which method is used to identify a session from a group of logs?
sequence numbers
IP identifier
5-tuple
timestamps
Question 29

What is a difference between SOAR and SIEM?
SOAR platforms are used for threat and vulnerability management, but SIEM applications are not
SIEM applications are used for threat and vulnerability management, but SOAR platforms are not
SOAR receives information from a single platform and delivers it to a SIEM
SIEM receives information from a single platform and delivers it to a SOAR
Question 30

What is the difference between mandatory access control (MAC) and discretionary access control (DAC)?
MAC is controlled by the discretion of the owner and DAC is controlled by an administrator
MAC is the strictest of all levels of control and DAC is object-based access
DAC is controlled by the operating system and MAC is controlled by an administrator
DAC is the strictest of all levels of control and MAC is object-based access