Updated May 03, 2024: 200-201 Exam Question Set with PDF Questions and Test Engine [Q56-Q76]


Latest (2024) Cisco 200-201 Exam Question Set


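The Cisco 200-201 certification exam is recognized worldwide and highly respected in the cybersecurity industry. Individuals who pass this exam are considered to have a strong understanding of cybersecurity fundamentals and to be well prepared to take on entry-level cybersecurity roles.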

 

Question # 56
Which regular expression is needed to capture the IP address 192.168.20.232?

  • A. ^ ([0-9]-{3})
  • B. ^ (?:[0-9]{1,3}\.)'
  • C. ^ (?:[0-9]{1,3}\.){1,4}
  • D. ^ (?:[0-9]{1,3}\.){3}[0-9]{1,3}

Correct answer: D


Question # 57
How does statistical detection differ from rule-based detection?

  • A. Rule-based detection defines legitimate data over a period of time, and statistical detection works on a predefined set of rules
  • B. Rule-based detection involves the evaluation of events, and statistical detection requires an evaluated set of events to function
  • C. Statistical detection involves the evaluation of events, and rule-based detection requires an evaluated set of events to function.
  • D. Statistical detection defines legitimate data over time, and rule-based detection works on a predefined set of rules

Correct answer: D


Question # 58
In a SOC environment, what is a vulnerability management metric?

  • A. single factor authentication
  • B. full assets scan
  • C. code signing enforcement
  • D. internet exposed devices

Correct answer: D


Question # 59
Refer to the exhibit.

What is occurring in this network?

  • A. DNS cache poisoning
  • B. MAC address table overflow
  • C. MAC flooding attack
  • D. ARP cache poisoning

Correct answer: D


Question # 60

Refer to the exhibit. What information is depicted?

  • A. IIS data
  • B. NetFlow data
  • C. network discovery event
  • D. IPS event data

Correct answer: B


Question # 61
Refer to the exhibit.

What is the potential threat identified in this Stealthwatch dashboard?

  • A. A policy violation is active for host 10.201.3.149.
  • B. A policy violation is active for host 10.10.101.24.
  • C. There are two active data exfiltration alerts.
  • D. A host on the network is sending a DDoS attack to another inside host.

Correct answer: C


Question # 62
Refer to the exhibit.

Which event is occurring?

  • A. A binary named "submit" is running on VM cuckoo1.
  • B. A binary is being submitted to run on VM cuckoo1
  • C. A binary on VM cuckoo1 is being submitted for evaluation
  • D. A URL is being evaluated to see if it has a malicious binary

Correct answer: C


Question # 63
What is the impact of false positive alerts on business compared to true positive?

  • A. True positives affect security as no alarm is raised when an attack has taken place, while false positives are alerts raised appropriately to detect and further mitigate them.
  • B. False-positive alerts are detected by confusion as potential attacks, while true positives are attack attempts identified appropriately.
  • C. False-positive alerts are manually ignored signatures to avoid warnings that are already acknowledged, while true positives are warnings that are not yet acknowledged.
  • D. True-positive alerts are blocked by mistake as potential attacks, while false positives are actual attacks identified as harmless.

Correct answer: B


Question # 64
DRAG DROP

Refer to the exhibit. Drag and drop the element name from the left onto the correct piece of the PCAP file on the right.
Select and Place:

Correct answer:

Explanation:


Question # 65
A threat actor penetrated an organization's network. Using the 5-tuple approach, which data points should the analyst use to isolate the compromised host in a grouped set of logs?

  • A. protocol, source IP, source port, destination IP, and destination port
  • B. protocol, log source, source IP, destination IP, and host name
  • C. event name, log source, time, source IP, and host name
  • D. event name, log source, time, source IP, and username

Correct answer: A


Question # 66
What are two denial-of-service (DoS) attacks? (Choose two)

  • A. man-in-the-middle
  • B. port scan
  • C. SYN flood
  • D. phishing
  • E. teardrop

Correct answer: A, C


Question # 67
Which technology should be used to implement a solution that makes routing decisions based on HTTP header, uniform resource identifier, and SSL session ID attributes?

  • A. IIS
  • B. Load balancer
  • C. AWS
  • D. Proxy server

Correct answer: B

Explanation:
Load Balancing: HTTP(S) load balancing is one of the oldest forms of load balancing. This form of load balancing relies on layer 7, which means it operates in the application layer. This allows routing decisions based on attributes like HTTP header, uniform resource identifier, SSL session ID, and HTML form data.
Load balancing applies to layers 4-7 in the seven-layer Open System Interconnection (OSI) model. Its capabilities are:
L4. Directing traffic based on network data and transport layer protocols, e.g., IP address and TCP port.
L7. Adds content switching to load balancing, allowing routing decisions depending on characteristics such as HTTP header, uniform resource identifier, SSL session ID, and HTML form data.
GSLB. Global Server Load Balancing expands L4 and L7 capabilities to servers in different sites.


Question # 68
Refer to the exhibit.

What is the potential threat identified in this Stealthwatch dashboard?

  • A. Host 10.201.3.149 is sending data to 152.46.6.91 using TCP/443.
  • B. Traffic to 152.46.6.149 is being denied by an Advanced Network Control policy.
  • C. Host 10.201.3.149 is receiving almost 19 times more data than is being sent to host 152.46.6.91.
  • D. Host 152.46.6.91 is being identified as a watchlist country for data transfer.

Correct answer: C


Question # 69
What is the difference between vulnerability and risk?

  • A. A vulnerability represents a flaw in security that can be exploited, and the risk is the potential damage it might cause.
  • B. A risk is a potential threat that an exploit applies to, and a vulnerability represents the threat itself.
  • C. A vulnerability is a sum of possible malicious entry points, and a risk represents the possibility of the unauthorized entry itself.
  • D. A risk is a potential threat that adversaries use to infiltrate the network, and a vulnerability is an exploit.

Correct answer: A


Question # 70
Refer to the exhibit.

What is occurring in this network?

  • A. DNS cache poisoning
  • B. MAC address table overflow
  • C. MAC flooding attack
  • D. ARP cache poisoning

Correct answer: D


Question # 71
What is a benefit of agent-based protection when compared to agentless protection?

  • A. It manages numerous devices simultaneously
  • B. It provides a centralized platform
  • C. It collects and detects all traffic locally
  • D. It lowers maintenance costs

Correct answer: C

Explanation:
Host-based antivirus protection is also known as agent-based. Agent-based antivirus runs on every protected machine. Agentless antivirus protection performs scans on hosts from a centralized system. Agentless systems have become popular for virtualized environments in which multiple OS instances are running on a host simultaneously. Agent-based antivirus running in each virtualized system can be a serious drain on system resources. Agentless antivirus for virtual hosts involves the use of a special security virtual appliance that performs optimized scanning tasks on the virtual hosts. An example of this is VMware's vShield.


Question # 72
A security incident occurred with the potential of impacting business services. Who performs the attack?

  • A. bug bounty hunter
  • B. malware author
  • C. direct competitor
  • D. threat actor

Correct answer: B


Question # 73

Refer to the exhibit. This request was sent to a web application server driven by a database.
Which type of web server attack is represented?

  • A. blind SQL injection
  • B. parameter manipulation
  • C. heap memory corruption
  • D. command injection

Correct answer: A

Explanation:
Section: Host-Based Analysis


Question # 74
Drag and drop the definition from the left onto the phase on the right to classify intrusion events according to the Cyber Kill Chain model.

Correct answer:

Explanation:
Delivery: This step involves transmitting the weapon to the target.
Weaponization: In this step, the intruder creates a malware weapon such as a virus or worm in order to exploit the vulnerabilities of the target. Depending on the target and the purpose of the attacker, this malware can exploit new, undetected vulnerabilities (also known as zero-day exploits) or it can focus on a combination of different vulnerabilities.
Reconnaissance: In this step, the attacker / intruder chooses their target. Then they conduct in-depth research on this target to identify its vulnerabilities that can be exploited.


Question # 75
An engineer received an alert affecting the degraded performance of a critical server. Analysis showed a heavy CPU and memory load. What is the next step the engineer should take to investigate this resource usage?

  • A. Run "ps -ef" to understand which processes are taking a high amount of resources
  • B. Run "ps -d" to decrease the priority state of high-load processes to avoid resource exhaustion
  • C. Run "ps -m" to capture the existing state of daemons and map the required processes to find the gap
  • D. Run "ps -u" to find out who executed additional processes that caused a high load on a server

Correct answer: A


Question # 76
......
