
CCNA 200-201 Cbrops Exam Questions 2023, Free CCNA Practice Exam | SPOTO

Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals
Exam Number: 200-201 CBROPS
Exam Price: $300 USD
Number of Questions: 95-105
Update Time: 11/2024
Passing Score: 750-850/1000
Practice Exam: Cisco Certified CyberOps Associate Practice Test

You can find the latest Cisco 200-201 exam questions and answers, free exam dumps and mock tests at SPOTO. The latest 200-201 exam questions are the best exam prep resource for the exam.


Question #1
A security analyst notices a sudden surge of incoming traffic and detects unknown packets from unknown senders. After further investigation, the analyst learns that customers claim that they cannot access company servers. According to NIST SP800-61, in which phase of the incident response process is the analyst?
A. Preparation
B. Containment, eradication, and recovery
C. Post-incident activity
D. Detection and analysis
Correct Answer: D
Question #2
An engineer runs a suspicious file in a sandbox analysis tool to see the outcome. The analysis report shows that outbound callouts were made post infection. Which two pieces of information from the analysis report are needed to investigate the callouts? (Choose two.)
A. Signatures
B. Host IP addresses
C. File size
D. Dropped files
E. Domain names
Correct Answer: BE
Question #3
An engineer is investigating a case of the unauthorized usage of the "tcpdump" tool. The analysis revealed that a malicious insider attempted to sniff traffic on a specific interface. What type of information did the malicious insider attempt to obtain?
A. All firewall alerts and resulting mitigations
B. Tagged protocols being used on the network
C. Tagged ports being used on the network
D. All information and data within the datagram
Correct Answer: D
Question #4
Which are the two score metrics as defined in CVSS v3? (Choose two.)
A. Temporal Score Metrics
B. Natural Score Metrics
C. Base Score Metrics
D. Definitive Score Metrics
E. Risk Score Metrics
Correct Answer: AC
Question #5
According to the September 2020 threat intelligence feeds, new malware called Egregor was introduced and used in many attacks. Distribution of Egregor is primarily through Cobalt Strike, which has been installed on victims' workstations using RDP exploits. The malware exfiltrates the victim's data to a command and control server. The data is used to force victims to pay or lose it by having it publicly released. Which type of attack is described?
A. Ransomware attack
B. Whale-phishing
C. Malware attack
D. Insider threat
Correct Answer: A
Question #6
Which NIST IR category stakeholder is responsible for coordinating incident response among various business units, minimizing damage, and reporting to regulatory agencies?
A. CSIRT
B. PSIRT
C. Public affairs
D. Management
Correct Answer: D
Question #7
An engineer discovered a breach, identified the threat's entry point, and removed access. The engineer was able to identify the host, the IP address of the threat actor, and the application the threat actor targeted. What is the next step the engineer should take according to the NIST SP 800-61 Incident handling guide?
A. Analyze the threat
B. Recover from the threat
C. Reduce the probability of similar threats
D. Identify lessons learned from the threat
Correct Answer: B
Question #8
Why is HTTPS traffic difficult to screen?
A. Digital certificates secure the session, and the data is sent at random intervals
B. HTTPS is used internally and screening traffic for external parties is hard due to isolation
C. The communication is encrypted and the data in transit is secured
D. Traffic is tunneled to a specific destination and is inaccessible to others except for the receiver
Correct Answer: C
Question #9
Which type of verification consists of using tools to compute the message digest of the original and copied data, then comparing the similarity of the digests?
A. Data integrity
B. Data preservation
C. Evidence collection order
D. Volatile data collection
Correct Answer: C
Question #10
What is the purpose of a SIEM solution?
A. To collect and correlate event log data to provide holistic views of the security posture of an environment
B. To monitor and manage firewall access control lists for duplicate firewall filtering
C. To collect and categorize indicators of compromise to evaluate and search for potential security threats
D. To collect and forward event logs to another log collection device to evaluate security threats
Correct Answer: A