Cisco 200-201 Exam Questions (2024) - Explore a Free Demo of 200-201 Materials
Upgrade your Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) 200-201 exam preparation with Killtest Cisco 200-201 exam questions (2024). Our real 200-201 exam questions pave the way to excel in the Cisco 200-201 exam on your first attempt. We guarantee that preparing for the Cisc...
CYBEROPS ASSOCIATE Exam
200-201 Questions V14.02
CyberOps Associate
Topics - Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
1.Which event is user interaction?
A. gaining root access
B. executing remote code
C. reading and writing file permission
D. opening a malicious file
Answer: D
2.Which security principle requires more than one person to perform a
critical task?
A. least privilege
B. need to know
C. separation of duties
D. due diligence
Answer: C
3.How is attacking a vulnerability categorized?
A. action on objectives
B. delivery
C. exploitation
D. installation
Answer: C
4.What is a benefit of agent-based protection when compared to agentless
protection?
A. It lowers maintenance costs
B. It provides a centralized platform
C. It collects and detects all traffic locally
D. It manages numerous devices simultaneously
Answer: C
Explanation:
Host-based antivirus protection is also known as agent-based. Agent-based antivirus
runs on every protected machine. Agentless antivirus protection performs scans on
hosts from a centralized system. Agentless systems have become popular for
virtualized environments in which multiple OS instances are running on a host
simultaneously. Agent-based antivirus running in each virtualized system can be a
serious drain on system resources. Agentless antivirus for virtual hosts involves the
use of a special security virtual appliance that performs optimized scanning tasks on
the virtual hosts. An example of this is VMware’s vShield.
5.Which principle is being followed when an analyst gathers information relevant to a
security incident to determine the appropriate course of action?
A. decision making
B. rapid response
C. data mining
D. due diligence
Answer: B
6.One of the objectives of information security is to protect the CIA of information and
systems.
What does CIA mean in this context?
A. confidentiality, identity, and authorization
B. confidentiality, integrity, and authorization
C. confidentiality, identity, and availability
D. confidentiality, integrity, and availability
Answer: D
7.What is rule-based detection when compared to statistical detection?
A. proof of a user's identity
B. proof of a user's action
C. likelihood of user's action
D. falsification of a user's identity
Answer: B
8.A user received a malicious attachment but did not run it.
Which category classifies the intrusion?
A. weaponization
B. reconnaissance
C. installation
D. delivery
Answer: D
9.Which process is used when IPS events are removed to improve data integrity?
A. data availability
B. data normalization
C. data signature
D. data protection
Answer: B
10.An analyst is investigating an incident in a SOC environment.
Which method is used to identify a session from a group of logs?
A. sequence numbers
B. IP identifier
C. 5-tuple
D. timestamps
Answer: C
11.What is a difference between SOAR and SIEM?
A. SOAR platforms are used for threat and vulnerability management, but SIEM
applications are not
B. SIEM applications are used for threat and vulnerability management, but SOAR
platforms are not
C. SOAR receives information from a single platform and delivers it to a SIEM
D. SIEM receives information from a single platform and delivers it to a SOAR
Answer: A
12.What is the difference between mandatory access control (MAC) and discretionary
access control (DAC)?
A. MAC is controlled by the discretion of the owner and DAC is controlled by an
administrator
B. MAC is the strictest of all levels of control and DAC is object-based access
C. DAC is controlled by the operating system and MAC is controlled by an
administrator
D. DAC is the strictest of all levels of control and MAC is object-based access
Answer: B
13.What is the practice of giving employees only those permissions necessary to
perform their specific role within an organization?
A. least privilege
B. need to know
C. integrity validation
D. due diligence
Answer: A
14.What is the virtual address space for a Windows process?
A. physical location of an object in memory
B. set of pages that reside in the physical memory