Cisco 200-201 - Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)

Total 451 questions

Drag and drop the definition from the left onto the phase on the right to classify intrusion events according to the Cyber Kill Chain model.

An analyst is investigating a host in the network that appears to be communicating to a command and control server on the Internet. After collecting this packet capture, the analyst cannot determine the technique and payload used for the communication.

Which obfuscation technique is the attacker using?

A. Base64 encoding

B. TLS encryption

C. SHA-256 hashing

D. ROT13 encryption

What is the difference between vulnerability and risk?

A. A vulnerability is a weakness that can be exploited and the risk is the potential for loss or damage

B. A vulnerability is an attack surface, and the risk is the vector of the attack

C. A risk is a possible danger that an exploit applies to and a vulnerability represents the threat actor

D. Risk is the assessment of possible weaknesses and vulnerability is a reconfiguration of an asset

Refer to the exhibit.

Which stakeholders must be involved when a company workstation is compromised?

A. Employee 1, Employee 2, Employee 3, Employee 4, Employee 5, Employee 7

B. Employee 1, Employee 2, Employee 4, Employee 5

C. Employee 4, Employee 6, Employee 7

D. Employee 2, Employee 3, Employee 4, Employee 5

Refer to the exhibit.

An engineer is analyzing DNS response packets that are larger than expected. The engineer looks closer and notices a lack of appropriate DNS queries. What is occurring?

A. DNS hijack attack

B. DNS amplification attack

C. DNS tunneling

D. DNS cache poisoning

Refer to the exhibit. Which alert is identified from this packet?

A. SYN flood

B. SSDP amplification

C. Fraggle attack

D. TCP fragmentation attack

What is an example of a social engineering attack?

A. receiving an unexpected email from an unknown person with an attachment from someone in the same company

B. receiving an email from human resources requesting a visit to their secure website to update contact information

C. sending a verbal request to an administrator who knows how to change an account password

D. receiving an invitation to the department’s weekly WebEx meeting

Refer to the exhibit.

Which type of evidence is this file?

A. corroborating evidence

B. circumstantial evidence

C. best evidence

D. direct evidence

Which data capture includes payload and header information?

A. frame check sequence

B. full packet

C. alert data

D. session logs

Which process represents the application-level allow list?

A. allowing everything and denying specific application protocols

B. allowing everything and denying specific executable files

C. allowing specific format files and denying executable files

D. allowing specific files and denying everything else