ExamGecko
Login
Home / Cisco / 200-201 / List of questions
Ask Question

Cisco 200-201 Practice Test - Questions Answers, Page 33

List of questions

Question 321

Report Export Collapse

A security engineer must investigate a recent breach within the organization. An engineer noticed that a breached workstation is trying to connect to the domain 'Ranso4730-mware92-647'. which is known as malicious. In which step of the Cyber Kill Chain is this event?

Become a Premium Member for full access
  Unlock Premium Member

Question 322

Report Export Collapse

What is data encapsulation?

Become a Premium Member for full access
  Unlock Premium Member

Question 323

Report Export Collapse

Which type of attack uses a botnet to reflect requests off of an NTP server to overwhelm a target?

Become a Premium Member for full access
  Unlock Premium Member

Question 324

Report Export Collapse

Which of these is a defense-in-depth strategy principle?

Become a Premium Member for full access
  Unlock Premium Member

Question 325

Report Export Collapse

How low does rule-based detection differ from behavioral detection?

Become a Premium Member for full access
  Unlock Premium Member

Question 326

Report Export Collapse

Refer to exhibit.

Cisco 200-201 image Question 326 109503 10072024004349000000

An engineer is Investigating an Intrusion and Is analyzing the pcap file. Which two key elements must an engineer consider? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 327

Report Export Collapse

Which statement describes indicators of attack?

Become a Premium Member for full access
  Unlock Premium Member

Question 328

Report Export Collapse

How is SQL injection prevented?

Become a Premium Member for full access
  Unlock Premium Member

Question 329

Report Export Collapse

A member of the SOC team is checking the dashboard provided by the Cisco Firepower Manager for further Isolation actions. According to NIST SP800-61, in which phase of incident response is this action?

Become a Premium Member for full access
  Unlock Premium Member

Question 330

Report Export Collapse

Which action matches the weaponization step of the Cyber Kill Chain Model?

Become a Premium Member for full access
  Unlock Premium Member
Total 331 questions
Go to page: of 34
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. What should be interpreted from this packet capture?
An organization that develops high-end technology is going through an internal audit The organization uses two databases The main database stores patent information and a secondary database stores employee names and contact information A compliance team is asked to analyze the infrastructure and identify protected data Which two types of protected data should be identified? (Choose two)
Which security principle is violated by running all processes as root or administrator?
According to CVSS, what is a description of the attack vector score?
What is a difference between SIEM and SOAR?
Refer to the exhibit. What is the potential threat identified in this Stealthwatch dashboard?
DRAG DROP Drag and drop the technology on the left onto the data type the technology provides on the right.
What is a comparison between rule-based and statistical detection?
A SOC analyst detected connections to known C&C and port scanning activity to main HR database servers from one of the HR endpoints via Cisco StealthWatch. What are the two next steps of the SOC team according to the NISTSP800-61 incident handling process? (Choose two)
Refer to the exhibit. In which Linux log file is this output found?