Free Cisco 200-201 Exam Questions
Try our Free Demo Practice Tests for Comprehensive 200-201 Exam Preparation
-
Cisco 200-201 Exam Questions
-
Provided By: Cisco
- Exam: Understanding Cisco Cybersecurity Operations Fundamentals
- Certification: Cisco Cybersecurity Specialist
-
Total Questions: 406
-
Updated On: Jan 08, 2025
-
Rated: 4.9 |
-
Online Users: 812
-
Question 1
-
What causes events on a Windows system to show Event Code 4625 in the log messages?
Answer: B
-
What causes events on a Windows system to show Event Code 4625 in the log messages?
-
Question 2
-
An organization's security team has detected network spikes coming from the internal network. An investigation has concluded that the spike in traffic was from intensive network scanning How should the analyst collect the traffic to isolate the suspicious host?
Answer: A
-
An organization's security team has detected network spikes coming from the internal network. An investigation has concluded that the spike in traffic was from intensive network scanning How should the analyst collect the traffic to isolate the suspicious host?
-
Question 3
-
An engineer is investigating a case of the unauthorized usage of the ''Tcpdump'' tool. The analysis revealed that a malicious insider attempted to sniff traffic on a specific interface. What type of information did the malicious insider attempt to obtain?
Answer: C
-
An engineer is investigating a case of the unauthorized usage of the ''Tcpdump'' tool. The analysis revealed that a malicious insider attempted to sniff traffic on a specific interface. What type of information did the malicious insider attempt to obtain?
-
Question 4
-
According to CVSS, what is a description of the attack vector score?
Answer: B
-
According to CVSS, what is a description of the attack vector score?
-
Question 5
-
The SOC team has confirmed a potential indicator of compromise on an isolated endpoint. The team has narrowed the potential malware type to a new trojan family. According to the NIST Computer Security Incident Handling Guide, what is the next step in handling the event?
Answer: D
-
The SOC team has confirmed a potential indicator of compromise on an isolated endpoint. The team has narrowed the potential malware type to a new trojan family. According to the NIST Computer Security Incident Handling Guide, what is the next step in handling the event?