Home / Cisco / 200-201

Question list

List of questions

Question 1

(0)

Which evasion technique is indicated when an intrusion detection system begins receiving an abnormally high volume of scanning from numerous sources?

Question 2

(0)

Refer to the exhibit. Which application protocol is in this PCAP file?

Question 3

(0)

Which piece of information is needed for attribution in an investigation?

Question 4

(0)

What does cyber attribution identify in an investigation?

Question 5

(0)

What is a purpose of a vulnerability management framework?

Question 6

(0)

A network engineer discovers that a foreign government hacked one of the defense contractors in their home country and stole intellectual property. What is the threat agent in this situation?

Question 7

(0)

What is the practice of giving an employee access to only the resources needed to accomplish their job?

Question 8

(0)

Which metric is used to capture the level of access needed to launch a successful attack?

Question 9

(0)

What is the difference between an attack vector and attack surface?

Question 10

(0)

What is the principle of defense-in-depth?

Question 311 - 200-201 discussion

A network engineer noticed in the NetFlow report that internal hosts are sending many DNS requests to external DNS servers A SOC analyst checked the endpoints and discovered that they are infected and became part of the botnet Endpoints are sending multiple DNS requests but with spoofed IP addresses of valid external sources What kind of attack are infected endpoints involved in1?