
Pass the Cisco CyberOps Associate 200-201 Questions and answers with ValidTests


Viewing page 11 out of 15 pages
Viewing questions 101-110 out of questions
Questions # 101:

What describes the public key infrastructure (PKI)?

Options:

A. PKI verifies the identity of the user and sender and creates secure communication channels using asymmetric encryption.

B. PKI ensures packet loss prevention and creates secure communication channels using symmetric encryption.

C. PKI verifies the identity of the user and sender and creates secure communication channels using symmetric encryption.

D. PKI ensures packet loss prevention and creates secure communication channels using asymmetric encryption.

Questions # 102:

What is a sandbox interprocess communication service?

Options:

A. A collection of rules within the sandbox that prevent the communication between sandboxes.

B. A collection of network services that are activated on an interface, allowing for inter-port communication.

C. A collection of interfaces that allow for coordination of activities among processes.

D. A collection of host services that allow for communication between sandboxes.

Questions # 103:

What does this regular expression do?

(192|172).(168|1[6-9]|2[0-9]|3[0-1]).[0-9]{1,3}.[0-9]{1,3}\b

Options:

A. It searches for private IP addresses except 10.0.0.0/8 IP address range.

B. It matches any IP addresses within 172.16.0.0/16 IP address range.

C. It searches for lines with private IP addresses in text.

D. It extracts lines with 192.168.0.0/16 IP address range from the text.

Questions # 104:

What is a key difference between a tampered and an untampered disk image during a forensic investigation?

Options:

A. An untampered image is encrypted, and a tampered one is not encrypted.

B. A tampered image has a different hash value, and an untampered image has an unchanged hash value.

C. A tampered image is accessible only by administrators, and an untampered one is accessible by all users.

D. An untampered image is compressed, and a tampered one is left uncompressed.

Questions # 105:

Which principle reduces the risk of attackers gaining access to sensitive data by compromising a low-level user account?

Options:

A. least privilege

B. privilege separation

C. limited access

D. separation of duties

Questions # 106:

Which evasion method is being used when TLS is observed between two endpoints?

Options:

A. Obfuscation

B. Encryption

C. X.509 certificate authentication

D. Traffic insertion

Questions # 107:

Which type of data is used to detect anomalies in the network?

Options:

A. statistical data

B. alert data

C. transaction data

D. metadata

Questions # 108:

What is the difference between attack surface and vulnerability?

Options:

A. An attack surface is a way of taking advantage of a system or resource, and a vulnerability is a specific technique utilized by the vulnerability.

B. A vulnerability describes how software or a system is exposed to potential attacks, and an attack surface is an actual weakness that exposes the potential risk.

C. A vulnerability is a way of taking advantage of a system or resource, and an attack surface is a specific technique utilized by the vulnerability.

D. An attack surface describes how software or a system is exposed to potential attacks, and a vulnerability is an actual weakness that exposes the potential risk.

Questions # 109:

The SOC team detected an ongoing port scan. After investigation, the team concluded that the scan was targeting the company servers. According to the Cyber Kill Chain model, which step must be assigned to this type of event?

Options:

A. actions on objectives

B. delivery

C. reconnaissance

D. exploitation

Questions # 110:

An engineer received an alert affecting the degraded performance of a critical server. Analysis showed a heavy CPU and memory load. What is the next step the engineer should take to investigate this resource usage?

Options:

A. Run "ps -ef" to understand which processes are taking a high amount of resources

B. Run "ps -u" to find out who executed additional processes that caused a high load on a server

C. Run "ps -m" to capture the existing state of daemons and map the required processes to find the gap

D. Run "ps -d" to decrease the priority state of high-load processes to avoid resource exhaustion
