Practice 200-201 Exam Online

Question 1

According to CVSS, what is a description of the attack vector score?

A : It depends on how far away the attacker is located and the vulnerable component.

B : The metric score will be larger when a remote attack is more likely.

C : It depends on how many physical and logical manipulations are possible on a vulnerable component.

D : The metric score will be larger when it is easier to physically touch or manipulate the vulnerable component.

Answer: B

Question 2

Refer to the exhibit.

An analyst was given a PCAP file, which is associated with a recent intrusion event in the company FTP server Which display filters should the analyst use to filter the FTP traffic?

A : dstport == FTP

B : tcp.port==21

C : tcpport = FTP

D : dstport = 21

Answer: C

Question 3

Which security technology allows only a set of pre-approved applications to run on a system?

A : application-level blacklisting

B : host-based IPS

C : application-level whitelisting

D : antivirus

Answer: C

Question 4

Refer to the exhibit.

What is the potential threat identified in this Stealthwatch dashboard?

A : A policy violation is active for host 10.10.101.24.

B : A host on the network is sending a DDoS attack to another inside host.

C : There are two active data exfiltration alerts.

D : A policy violation is active for host 10.201.3.149.

Answer: C

Question 5

Refer to the exhibit.

Which type of log is displayed?

A : IDS

B : proxy

C : NetFlow

D : sys

Answer: A

Name:	Understanding Cisco Cybersecurity Operations Fundamentals
Exam Code:	200-201
Certification:	CyberOps Associate
Vendor:	Cisco
Total Questions:	406
Last Updated:	Apr 24, 2024

Cisco 200-201