Month End Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Cisco 200-201 - Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)

Cisco 200-201 Premium Access     Download Demo    
Page: 1 / 13
Total 451 questions

Which list identifies the information that the client sends to the server in the negotiation phase of the TLS handshake?

A.

ClientStart, ClientKeyExchange, cipher-suites it supports, and suggested compression methods

B.

ClientStart, TLS versions it supports, cipher-suites it supports, and suggested compression methods

C.

ClientHello, TLS versions it supports, cipher-suites it supports, and suggested compression methods

D.

ClientHello, ClientKeyExchange, cipher-suites it supports, and suggested compression methods

Drag and drop the definition from the left onto the phase on the right to classify intrusion events according to the Cyber Kill Chain model.

A security engineer must determine why a new core application does not work as desired The client can send requests toward the application server but receives no response One of the requirements is to gather all packets Data needs to be reliable without any delay or packet drops Which solution best meets this need?

A.

3 device logs

B.

span port

C.

port mirroring

D.

tap device

A network engineer discovers that a foreign government hacked one of the defense contractors in their home country and stole intellectual property. What is the threat agent in this situation?

A.

the intellectual property that was stolen

B.

the defense contractor who stored the intellectual property

C.

the method used to conduct the attack

D.

the foreign government that conducted the attack

Refer to the exhibit. The figure shows an X 509 certificate. Which field represents the digital cryptographic algorithm used by the issuer to sign the certificate?

A.

Signature Algorithm

B.

Timestamp

C.

Fingerprints

D.

Log Operator

Refer to the exhibit.

Which type of attack is being executed?

A.

SQL injection

B.

cross-site scripting

C.

cross-site request forgery

D.

command injection

What are the two differences between stateful and deep packet inspection? (Choose two )

A.

Stateful inspection is capable of TCP state tracking, and deep packet filtering checks only TCP source and destination ports

B.

Deep packet inspection is capable of malware blocking, and stateful inspection is not

C.

Deep packet inspection operates on Layer 3 and 4. and stateful inspection operates on Layer 3 of the OSI model

D.

Deep packet inspection is capable of TCP state monitoring only, and stateful inspection can inspect TCP and UDP.

E.

Stateful inspection is capable of packet data inspections, and deep packet inspection is not

Which evasion method involves performing actions slower than normal to prevent detection?

A.

timing attack

B.

traffic fragmentation

C.

resource exhaustion

D.

tunneling

In a SOC environment, what is a vulnerability management metric?

A.

code signing enforcement

B.

full assets scan

C.

internet exposed devices

D.

single factor authentication

What is a description of "phishing" as a social engineering attack"?

A.

Someone without the proper authentication follows an authenticated employee into a restricted area The attacker might impersonate a delivery driver and wait outside a building to get things started

B.

A hacker masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message The recipient is then tricked into clicking a malicious link.

C.

The attacker focuses on creating a good pretext or a fabricated scenario that is used to try and steal victims' personal information

D.

Fake Social Security Administration personnel contact random individuals inform them that there has been a computer problem on their end and ask that those individuals confirm their Social Security Number, all for the purpose of committing identity theft.