CyberOps Associate 200-201 Dumps Updated Oct 18, 2021 - PrepAwayExam [Q71-Q87]

Share

CyberOps Associate 200-201 Dumps | Updated  Oct 18, 2021 - PrepAwayExam

Master 2021 Latest The Questions CyberOps Associate and Pass 200-201  Real Exam!

NEW QUESTION 71
How does an SSL certificate impact security between the client and the server?

  • A. by enabling an authenticated channel between the client and the server
  • B. by creating an encrypted channel between the client and the server
  • C. by creating an integrated channel between the client and the server
  • D. by enabling an authorized channel between the client and the server

Answer: B

Explanation:
Section: Security Monitoring

 

NEW QUESTION 72
Drag and drop the uses on the left onto the type of security system on the right.

Answer:

Explanation:

 

NEW QUESTION 73
An engineer is investigating a case of the unauthorized usage of the "Tcpdump" tool. The analysis revealed that a malicious insider attempted to sniff traffic on a specific interface. What type of information did the malicious insider attempt to obtain?

  • A. all firewall alerts and resulting mitigations
  • B. tagged protocols being used on the network
  • C. tagged ports being used on the network
  • D. all information and data within the datagram

Answer: C

 

NEW QUESTION 74
What is the difference between a threat and a risk?

  • A. Threat represents a potential danger that could take advantage of a weakness in a system
  • B. Risk represents the nonintentional interaction with uncertainty in the system
  • C. Threat represents a state of being exposed to an attack or a compromise, either physically or logically.
  • D. Risk represents the known and identified loss or danger in the system

Answer: A

Explanation:
A threat is any potential danger to an asset. If a vulnerability exists but has not yet been exploited-or, more importantly, it is not yet publicly known-the threat is latent and not yet realized.

 

NEW QUESTION 75
How does certificate authority impact a security system?

  • A. It authenticates domain identity when requesting SSL certificate
  • B. It validates domain identity of a SSL certificate
  • C. It validates client identity when communicating with the server
  • D. It authenticates client identity when requesting SSL certificate

Answer: B

 

NEW QUESTION 76
A security incident occurred with the potential of impacting business services. Who performs the attack?

  • A. threat actor
  • B. bug bounty hunter
  • C. direct competitor
  • D. malware author

Answer: D

 

NEW QUESTION 77
An engineer discovered a breach, identified the threat's entry point, and removed access. The engineer was able to identify the host, the IP address of the threat actor, and the application the threat actor targeted. What is the next step the engineer should take according to the NIST SP 800-61 Incident handling guide?

  • A. Reduce the probability of similar threats.
  • B. Recover from the threat.
  • C. Identify lessons learned from the threat.
  • D. Analyze the threat.

Answer: A

 

NEW QUESTION 78
Refer to the exhibit.

What is the potential threat identified in this Stealthwatch dashboard?

  • A. Traffic to 152.46.6.149 is being denied by an Advanced Network Control policy.
  • B. Host 152.46.6.91 is being identified as a watchlist country for data transfer.
  • C. Host 10.201.3.149 is receiving almost 19 times more data than is being sent to host 152.46.6.91.
  • D. Host 10.201.3.149 is sending data to 152.46.6.91 using TCP/443.

Answer: C

 

NEW QUESTION 79
What are two social engineering techniques? (Choose two.)

  • A. man-in-the-middle
  • B. phishing
  • C. privilege escalation
  • D. DDoS attack
  • E. pharming

Answer: B,E

 

NEW QUESTION 80
An analyst discovers that a legitimate security alert has been dismissed. Which signature caused this impact on network traffic?

  • A. false positive
  • B. true negative
  • C. false negative
  • D. true positive

Answer: C

 

NEW QUESTION 81
What is a difference between data obtained from Tap and SPAN ports?

  • A. SPAN improves the detection of media errors, while Tap provides direct access to traffic with lowered data visibility.
  • B. Tap mirrors existing traffic from specified ports, while SPAN presents more structured data for deeper analysis.
  • C. Tap sends traffic from physical layers to the monitoring device, while SPAN provides a copy of network traffic from switch to destination
  • D. SPAN passively splits traffic between a network device and the network without altering it, while Tap alters response times.

Answer: B

 

NEW QUESTION 82
An engineer receives a security alert that traffic with a known TOR exit node has occurred on the network.
What is the impact of this traffic?

  • A. user circumvention of the firewall
  • B. data exfiltration
  • C. users downloading copyrighted content
  • D. ransomware communicating after infection

Answer: A

 

NEW QUESTION 83
Refer to the exhibit.

Which type of log is displayed?

  • A. proxy
  • B. NetFlow
  • C. IDS
  • D. sys

Answer: D

 

NEW QUESTION 84

Refer to the exhibit. What is the potential threat identified in this Stealthwatch dashboard?

  • A. Traffic to 152.46.6.149 is being denied by an Advanced Network Control policy.
  • B. Host 152.46.6.91 is being identified as a watchlist country for data transfer.
  • C. Host 10.201.3.149 is receiving almost 19 times more data than is being sent to host 152.46.6.91.
  • D. Host 10.201.3.149 is sending data to 152.46.6.91 using TCP/443.

Answer: C

Explanation:
Section: Host-Based Analysis

 

NEW QUESTION 85
Which system monitors local system operation and local network access for violations of a security policy?

  • A. host-based firewall
  • B. antivirus
  • C. systems-based sandboxing
  • D. host-based intrusion detection

Answer: A

 

NEW QUESTION 86
Refer to the exhibit.

What should be interpreted from this packet capture?

  • A. IP address 192.168.122.100/50272/81.179.179.69/80/6 is sending a packet from port 50272 of IP address
    192.168.122.100 that is going to port 80 of IP address 81.179.179.69 using IP protocol 6.
  • B. IP address 179.179.69/50272/192.168.122.100/80/6 is sending a packet from port 50272 of IP address
    192.168.122.100 that is going to port 80 of IP address 81.179.179.69 using IP protocol 6.
  • C. IP address 179.179.69/50272/192.168.122.100/80/6 is sending a packet from port 80 of IP address
    192.168.122.100 that is going to port 50272 of IP address 81.179.179.69 using IP protocol 6.
  • D. IP address 192.168.122.100/50272/81.179.179.69/80/6 is sending a packet from port 80 of IP address
    192.168.122.100 that is going to port 50272 of IP address 81.179.179.69 using IP protocol 6.7E503B693763E0113BE0CD2E4A16C9C4

Answer: A

 

NEW QUESTION 87
......

A fully updated 2021 200-201 Exam Dumps exam guide from training expert PrepAwayExam: https://www.prepawayexam.com/Cisco/braindumps.200-201.ete.file.html

Practice To 200-201 - PrepAwayExam Remarkable Practice On your Understanding Cisco Cybersecurity Operations Fundamentals Exam: https://drive.google.com/open?id=1vxmlwEmwFCPxeSrXy9Kccsjz5xDA0nxz