Ask Question
Cisco 200-201 Practice Test - Questions Answers, Page 6
List of questions
Question 51
A security specialist notices 100 HTTP GET and POST requests for multiple pages on the web servers. The agent in the requests contains PHP code that, if executed, creates and writes to a new PHP file on the webserver. Which event category is described?
reconnaissance
action on objectives
installation
exploitation
This event category is exploitation because the HTTP requests contain PHP code that attempts to execute commands on the web server and create a backdoor. Exploitation is the phase of the attack where the threat actor gains access to the target system and executes malicious code.Reference: https://learningnetworkstore.cisco.com/on-demand-e-learning/understanding-cisco-cybersecurity-operations-fundamentals-cbrops-v1-0/CSCU-LP-CBROPS-V1-028093.html (Module 2, Lesson 2.1.3)
Question 52
What specific type of analysis is assigning values to the scenario to see expected outcomes?
deterministic
exploratory
probabilistic
descriptive
This type of analysis is deterministic because it assigns fixed values to the scenario and calculates the expected outcomes based on those values. Deterministic analysis does not account for uncertainty or randomness in the scenario.Reference: https://learningnetworkstore.cisco.com/on-demand-e-learning/understanding-cisco-cybersecurity-operations-fundamentals-cbrops-v1-0/CSCU-LP-CBROPS-V1-028093.html (Module 3, Lesson 3.1.2)
Question 53
When trying to evade IDS/IPS devices, which mechanism allows the user to make the data incomprehensible without a specific key, certificate, or password?
fragmentation
pivoting
encryption
stenography
Encryption allows the user to make the data incomprehensible without a specific key, certificate, or password. Encryption is a method of transforming data into a format that only authorized parties can access. Encryption can be used to protect data in transit or at rest from unauthorized access or modification.Reference: https://learningnetworkstore.cisco.com/on-demand-e-learning/understanding-cisco-cybersecurity-operations-fundamentals-cbrops-v1-0/CSCU-LP-CBROPS-V1-028093.html (Module 4, Lesson 4.1.1)
Question 54
Why is encryption challenging to security monitoring?
Encryption analysis is used by attackers to monitor VPN tunnels.
Encryption is used by threat actors as a method of evasion and obfuscation.
Encryption introduces additional processing requirements by the CPU.
Encryption introduces larger packet sizes to analyze and store.
Encryption is challenging to security monitoring because it can be used by threat actors as a method of evasion and obfuscation. Encryption can prevent security devices from inspecting the content or payload of the network traffic, making it difficult to detect malicious activity or signatures. Encryption can also hide the source and destination of the traffic, making it hard to trace the origin or destination of the attack.Reference: https://learningnetworkstore.cisco.com/on-demand-e-learning/understanding-cisco-cybersecurity-operations-fundamentals-cbrops-v1-0/CSCU-LP-CBROPS-V1-028093.html (Module 4, Lesson 4.1.1)
Question 55
An employee reports that someone has logged into their system and made unapproved changes, files are out of order, and several documents have been placed in the recycle bin. The security specialist reviewed the system logs, found nothing suspicious, and was not able to determine what occurred. The software is up to date; there are no alerts from antivirus and no failed login attempts. What is causing the lack of data visibility needed to detect the attack?
The threat actor used a dictionary-based password attack to obtain credentials.
The threat actor gained access to the system by known credentials.
The threat actor used the teardrop technique to confuse and crash login services.
The threat actor used an unknown vulnerability of the operating system that went undetected.
The lack of data visibility needed to detect the attack is caused by the threat actor gaining access to the system by known credentials. This means that the threat actor either obtained the employee's username and password through phishing, social engineering, or other means, or used a compromised account that had legitimate access to the system. This would explain why there were no suspicious logs, alerts, or failed login attempts, as the threat actor appeared to be a normal user.Reference: https://learningnetworkstore.cisco.com/on-demand-e-learning/understanding-cisco-cybersecurity-operations-fundamentals-cbrops-v1-0/CSCU-LP-CBROPS-V1-028093.html (Module 2, Lesson 2.1.2)
Question 56
A company receptionist received a threatening call referencing stealing assets and did not take any action assuming it was a social engineering attempt. Within 48 hours, multiple assets were breached, affecting the confidentiality of sensitive information. What is the threat actor in this incident?
company assets that are threatened
customer assets that are threatened
perpetrators of the attack
victims of the attack
In this scenario, the threat actor refers to the individuals or entities responsible for the attack that resulted in a breach of assets and sensitive information. The receptionist received a threatening call but did not take action, leading to an actual breach within 48 hours.Reference: The explanation is inferred from general cybersecurity knowledge as specific details are not provided in the Cisco Cybersecurity documents linked.
Question 57
What is the relationship between a vulnerability and a threat?
A threat exploits a vulnerability
A vulnerability is a calculation of the potential loss caused by a threat
A vulnerability exploits a threat
A threat is a calculation of the potential loss caused by a vulnerability
A vulnerability refers to a weakness or flaw in a system that can be exploited by threats (such as hackers or malware) to gain unauthorized access, cause damage, etc. Threats exploit these vulnerabilities to impact the confidentiality, integrity, or availability of information and systems.Reference:Cisco Cybersecurity Associate
Question 58
What are two social engineering techniques? (Choose two.)
privilege escalation
DDoS attack
phishing
man-in-the-middle
pharming
Social engineering techniques often involve manipulating individuals into divulging confidential information or performing actions that compromise security. Phishing involves sending fraudulent messages (often emails) that appear to be from reputable sources with the goal of stealing sensitive data or installing malware. Pharming redirects the traffic of a legitimate website to another fraudulent website without the user's knowledge, aiming to collect the user's credentials.Reference:=Cisco Cybersecurity Source Documents
Question 59
Refer to the exhibit.
What does the output indicate about the server with the IP address 172.18.104.139?
open ports of a web server
open port of an FTP server
open ports of an email server
running processes of the server
The output indicates that several ports are open on the server with IP address 172.18.104.139, including port 22/tcp for SSH, port 25/tcp for SMTP, port 110/tcp for POP3, and port 143/tcp for IMAP - these are typically associated with a web server.Reference:=Cisco Cybersecurity Source Documents
Question 60
How does certificate authority impact a security system?
It authenticates client identity when requesting SSL certificate
It validates domain identity of a SSL certificate
It authenticates domain identity when requesting SSL certificate
It validates client identity when communicating with the server
A Certificate Authority (CA) is responsible for issuing digital certificates to validate the identity of the certificate holder and provide a means to establish secure communications over networks like the Internet.Reference:=Cisco Cybersecurity Source Documents
Related questions
Export
If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].
|
BASIC - 1 Month
$
10
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PLUS - 2 Months
$
15
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PRO - 6 Months
$
40
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Selling illegal goods, money scams etc.
Serious attack on a group.
Harassing an individual (including doxing)
Threatening or glorifying violence or serious harm, including self-harm
Nudity/Sexual content
Sexually explicit or suggestive imagery or writing involving minors
Sexually explicit or suggestive imagery or writing involving non-consenting adults or non-humans
Reusing content without attribution (link and blockquotes)
Not in English or has very bad formatting, grammar, and spelling
Author's credential is offensive, spam, or impersonation
Ex. Illegal content, incomplete question...
Question