200-201 Practice Online

Question 1

Why is encryption challenging to security monitoring?

A : Encryption analysis is used by attackers to monitor VPN tunnels.

B : Encryption is used by threat actors as a method of evasion and obfuscation.

C : Encryption introduces additional processing requirements by the CPU.

D : Encryption introduces larger packet sizes to analyze and store.

Answer: B

Question 2

Which regular expression is needed to capture the IP address 192.168.20.232?

A : ^ (?:[0-9]{1,3}\.){3}[0-9]{1,3}

B : ^ (?:[0-9]f1,3}\.){1,4}

C : ^ (?:[0-9]{1,3}\.)'

D : ^ ([0-9]-{3})

Answer: A

Question 3

An analyst received an alert on their desktop computer showing that an attack was successful on the host. After investigating, the analyst discovered that no mitigation action occurred during the attack. What is the reason for this discrepancy?

A : The computer has a HIPS installed on it.

B : The computer has a NIPS installed on it.

C : The computer has a HIDS installed on it

D : The computer has a NIDS installed on it.

Answer: C

Question 4

Refer to the exhibit.

Which stakeholders must be involved when a company workstation is compromised?

A : Employee 1 Employee 2, Employee 3, Employee 4, Employee 5, Employee 7

B : Employee 1, Employee 2, Employee 4, Employee 5

C : Employee 4, Employee 6, Employee 7

D : Employee 2, Employee 3, Employee 4, Employee 5

Answer: D

Question 5

Refer to the exhibit.

An engineer is analyzing a PCAP file after a recent breach An engineer identified that the attacker used an aggressive ARP scan to scan the hosts and found web and SSH servers. Further analysis showed several SSH Server Banner and Key Exchange Initiations. The engineer cannot see the exact data being transmitted over an encrypted channel and cannot identify how the attacker gained access How did the attacker gain access?

A : by using the buffer overflow in the URL catcher feature for SSH

B : by using an SSH Tectia Server vulnerability to enable host-based authentication

C : by using an SSH vulnerability to silently redirect connections to the local host

D : by using brute force on the SSH service to gain access

Answer: C

Name:	Understanding Cisco Cybersecurity Operations Fundamentals
Exam Code:	200-201
Certification:	CyberOps Associate
Vendor:	Cisco
Total Questions:	406
Last Updated:	Apr 25, 2024

Download Demo 200-201 Dumps

Create Account

Password Recovery

200-201 Practice Online

Download Demo 200-201 Dumps

Member Login

Create Account

Password Recovery

200-201 Practice Online