CertsTopics Logo

Pre-Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

CyberOps Associate 200-201 Passing Score

Page: 4 / 25
Total 331 questions
Get 200-201 Full Access Download 200-201 PDF

Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) Questions and Answers

Question 13

What is the difference between a threat and a risk?

Options:

A.

Threat represents a potential danger that could take advantage of a weakness in a system

B.

Risk represents the known and identified loss or danger in the system

C.

Risk represents the nonintentional interaction with uncertainty in the system

D.

Threat represents a state of being exposed to an attack or a compromise, either physically or logically.

Question 14

A security engineer notices confidential data being exfiltrated to a domain "Ranso4134-mware31-895" address that is attributed to a known advanced persistent threat group The engineer discovers that the activity is part of a real attack and not a network misconfiguration. Which category does this event fall under as defined in the Cyber Kill Chain?

Options:

A.

reconnaissance

B.

delivery

C.

action on objectives

D.

weaponization

Question 15

Exhibit.

An engineer received a ticket about a slowdown of a web application, Drug analysis of traffic, the engineer suspects a possible attack on a web server. How should the engineer interpret the Wiresharat traffic capture?

Options:

A.

10.0.0.2 sends GET/ HTTP/1.1 And Post request and the target responds with HTTP/1.1. 200 OC and HTTP/1.1 403 accordingly. This is an HTTP flood attempt.

B.

10.0.0.2 sends HTTP FORBIDDEN /1.1 And Post request, while the target responds with HTTP/1.1 200 Get and HTTP/1.1 403. This is an HTTP GET flood attack.

C.

10.128.0.2 sends POST/1.1 And POST requests, and the target responds with HTTP/1.1 200 Ok and HTTP/1.1 403 accordingly. This is an HTTP Reserve Bandwidth flood.

D.

10.128.0.2 sends HTTP/FORBIDDEN/ 1.1 and Get requests, and the target responds with HTTP/1.1 200 OK and HTTP/1.1 403. This is an HTTP cache bypass attack.

Question 16

What are two differences between tampered disk images and untampered disk images'? (Choose two.)

Options:

A.

Tampered Images are used in a security investigation process

B.

Untampered images can be used as law enforcement evidence.

C.

The image is untampered if the existing stored hash matches the computed one

D.

The image is tampered if the stored hash and the computed hash are identical

E.

Tampered images are used as an element for the root cause analysis report

Page: 4 / 25
Total 331 questions
Get 200-201 Full Access Download 200-201 PDF