[2024年12月]更新の200-201試験問題と有効な200-201問題集PDF [Q107-Q123]

Share

[2024年12月]更新の200-201試験問題と有効な200-201問題集PDF

200-201ブレーン問題集学習ガイドにはヒントとコツで試験合格を目指そう


シスコ200-201試験は、セキュリティアナリスト、ネットワークセキュリティエンジニア、およびサイバーセキュリティスペシャリストを含む、サイバーセキュリティ分野でキャリアを構築したい個人を対象としています。この試験は、サイバーセキュリティのオペレーションにおけるスキルと知識を向上させ、雇用主や同僚から認められたいと考える個人を対象としています。この試験では、セキュリティ監視を実行し、セキュリティ脅威を識別および分析し、セキュリティポリシーと手順を理解する能力を試験します。

 

質問 # 107
Which event artifact is used to identify HTTP GET requests for a specific file?

  • A. URI
  • B. destination IP address
  • C. HTTP status code
  • D. TCP ACK

正解:A

解説:
The Uniform Resource Identifier (URI) is used to identify specific resources on the internet, including files. In the context of HTTP GET requests, the URI specifies the path to the file being requested.


質問 # 108
Refer to the exhibit.

What does the output indicate about the server with the IP address 172.18.104.139?

  • A. open ports of a web server
  • B. open port of an FTP server
  • C. open ports of an email server
  • D. running processes of the server

正解:C


質問 # 109
Refer to the exhibit.
During the analysis of a suspicious scanning activity incident, an analyst discovered multiple local TCP connection events Which technology provided these logs?

  • A. IDS/IPS
  • B. firewall
  • C. proxy
  • D. antivirus

正解:B

解説:
The logs indicating multiple local TCP connection events are typically provided by a firewall. Firewalls are responsible for monitoring and controlling incoming and outgoing network traffic based on predetermined security rules, and they generate logs that detail such events, which can be used for further analysis and incident response. Reference:= Cisco Cybersecurity Operations Fundamentals


質問 # 110
At a company party a guest asks questions about the company's user account format and password complexity. How is this type of conversation classified?

  • A. Phishing attack
  • B. Password Revelation Strategy
  • C. Social Engineering
  • D. Piggybacking

正解:C

解説:
Social engineering is the practice of manipulating or deceiving people into performing actions or divulging information that can compromise the security of the organization. Asking questions about the company's user account format and password complexity at a party is an example of social engineering, as the guest may be trying to gather information that can be used to launch a cyberattack. Reference:= Cisco Cybersecurity Operations Fundamentals - Module 6: Security Incident Investigations


質問 # 111
How does TOR alter data content during transit?

  • A. It redirects destination traffic through multiple sources avoiding traceability.
  • B. It traverses source traffic through multiple destinations before reaching the receiver
  • C. It encrypts content and destination information over multiple layers.
  • D. It spoofs the destination and source information protecting both sides.

正解:C

解説:
TOR is a network that enables anonymous communication over the internet by routing the traffic through a series of relays or nodes. TOR alters the data content during transit by encrypting it and the destination information over multiple layers, using a technique called onion routing. Each layer of encryption can only be decrypted by a specific relay in the network, which reveals the next destination. This way, no single relay knows the complete path or the content of the data, making it difficult to trace or monitor the communication. References := Cisco Cybersecurity Operations Fundamentals, Module 2: Security Monitoring, Lesson 2.1: The Network as a Sensor, Topic 2.1.3: Network Data Exfiltration Techniques


質問 # 112
What is a difference between a threat and a risk?

  • A. A risk is a flaw or hole in security, and a threat is what is being used against that flaw
  • B. A risk is an intersection between threat and vulnerabilities, and a threat is what a security engineer is trying to protect against
  • C. A threat is a sum of risks and a risk itself represents a specific danger toward the asset
  • D. A threat can be people property, or information, and risk is a probability by which these threats may bring harm to the business

正解:B


質問 # 113
Refer to the exhibit.

What is the potential threat identified in this Stealthwatch dashboard?

  • A. A host on the network is sending a DDoS attack to another inside host.
  • B. A policy violation is active for host 10.10.101.24.
  • C. A policy violation is active for host 10.201.3.149.
  • D. There are three active data exfiltration alerts.

正解:D


質問 # 114
A security incident occurred with the potential of impacting business services. Who performs the attack?

  • A. malware author
  • B. bug bounty hunter
  • C. direct competitor
  • D. threat actor

正解:A


質問 # 115
What ate two categories of DDoS attacks? (Choose two.)

  • A. scanning
  • B. reflected
  • C. direct
  • D. split brain
  • E. phishing

正解:B、C

解説:
DDoS attacks are divided into two categories: reflected and direct. Reflected attacks use a third-party system to amplify the attack traffic and send it to the target. For example, an attacker can send a spoofed request to a DNS server, which will reply with a large amount of data to the target's IP address. Direct attacks send the attack traffic directly from the attacker's system or a botnet to the target. For example, an attacker can send a large number of SYN packets to the target's port, exhausting its resources. References := Cisco Cybersecurity Operations Fundamentals, Module 1: Security Concepts, Lesson 1.3: Common Network Application Operations and Attacks, Topic 1.3.4: Denial-of-Service Attacks


質問 # 116
An organization is cooperating with several third-party companies. Data exchange is on an unsecured channel using port 80 Internal employees use the FTP service to upload and download sensitive data An engineer must ensure confidentiality while preserving the integrity of the communication. Which technology must the engineer implement in this scenario'?

  • A. web application firewall
  • B. CA server
  • C. X 509 certificates
  • D. RADIUS server

正解:C


質問 # 117
Refer to the exhibit.

Which field contains DNS header information if the payload is a query or a response?

  • A. QR
  • B. ID
  • C. Z
  • D. TC

正解:B


質問 # 118
Which metric should be used when evaluating the effectiveness and scope of a Security Operations Center?

  • A. The average time the SOC takes to register and assign the incident.
  • B. The average time the SOC takes to detect and resolve the incident.
  • C. The total incident escalations per month.
  • D. The total incident escalations per week.

正解:B


質問 # 119
What is a sandbox interprocess communication service?

  • A. A collection of host services that allow for communication between sandboxes.
  • B. A collection of interfaces that allow for coordination of activities among processes.
  • C. A collection of network services that are activated on an interface, allowing for inter-port communication.
  • D. A collection of rules within the sandbox that prevent the communication between sandboxes.

正解:B

解説:
A sandbox interprocess communication service refers to the mechanisms that allow different processes within a sandboxed environment to communicate with each other. These interfaces are crucial for coordinating activities among processes, especially in a restricted environment like a sandbox where direct interaction with the operating system or other processes might be limited for security reasons. This communication is essential for complex applications that require different processes to work together to perform tasks.


質問 # 120
What is the function of a command and control server?

  • A. It drops secondary payload into malware
  • B. It sends instruction to a compromised system
  • C. It enumerates open ports on a network device
  • D. It is used to regain control of the network after a compromise

正解:B

解説:
A command and control server (C2 or C&C) is a server that is used by attackers to communicate with and control compromised systems, such as bots, zombies, or backdoors. The C2 server can send instructions to the compromised systems, such as executing commands, downloading files, uploading data, or launching attacks. The C2 server can also receive information from the compromised systems, such as system information, keystrokes, screenshots, or credentials. Reference:
Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) v1.0, Module 3: Network Intrusion Analysis, Lesson 3.4: Malware Cisco Certified CyberOps Associate Overview, Exam Topics, 3.4 Compare and contrast types of malware


質問 # 121

Refer to the exhibit. Which type of log is displayed?

  • A. proxy
  • B. IDS
  • C. NetFlow
  • D. sys

正解:D

解説:
Section: Security Monitoring
Explanation


質問 # 122
What is the difference between the ACK flag and the RST flag in the NetFlow log session?

  • A. The ACK flag confirms the receipt of the prior segment, and the RST flag allows for the spontaneous termination of a connection
  • B. The RST flag confirms the beginning of the TCP connection, and the ACK flag responds when the data for the payload is complete
  • C. The RST flag confirms the receipt of the prior segment, and the ACK flag allows for the spontaneous termination of a connection
  • D. The ACK flag confirms the beginning of the TCP connection, and the RST flag responds when the data for the payload is complete

正解:A

解説:
In NetFlow log sessions within TCP connections; ACK flag is used for acknowledging that data has been successfully received while RST flag is used when there's an error or when closing a connection spontaneously without following standard procedures. References := Cisco Cybersecurity source documents or study guide


質問 # 123
......

200-201試験問題無料PDFダウンロード 最近更新された問題です:https://jp.fast2test.com/200-201-premium-file.html

200-201認定試験問題集には332練習テスト問題:https://drive.google.com/open?id=1bLaqghLC7Nw2VtGxQkjiHUn8Zhu02-SY


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어