[January 2022] Updated Cisco 200-201 Test Engine and PDF: Complete Question Set Offered Free [Q41-Q57]


Try the latest version now: valid exam question set for the 200-201 certification


Cisco 200-201 certification exam coverage:

Topic | Exam coverage
Topic 1
  • Identify the challenges of data visibility
  • Compare security deployments
Topic 2
  • Compare deep packet inspection with packet filtering and stateful firewall operation
  • Map the organization stakeholders against the NIST IR categories
Topic 3
  • Distributed denial of service, and man-in-the-middle
  • Describe network attacks, such as protocol-based, denial of service
Topic 4
  • Extract files from a TCP stream when given a PCAP file and Wireshark
  • Network, endpoint, and application security systems
Topic 5
  • Nondiscretionary access control
  • Agentless and agent-based protections
  • Identify components of an operating system

 

Question 41
Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?

  • A. firewall event logs
  • B. syslog messages
  • C. NetFlow
  • D. full packet capture

Correct answer: C

 

Question 42
Refer to the exhibit.

What should be interpreted from this packet capture?

  • A. 192.168.122.100 is sending a packet from port 80 to port 50272 of IP address 81.179.179.69 using UDP protocol.
  • B. 81.179.179.69 is sending a packet from port 50272 to port 80 of IP address 192.168.122.100 using TCP UDP protocol.
  • C. 192.168.122.100 is sending a packet from port 50272 to port 80 of IP address 81.179.179.69 using TCP protocol.
  • D. 81.179.179.69 is sending a packet from port 80 to port 50272 of IP address 192.168.122.100 using UDP protocol.

Correct answer: C

 

Question 43
While viewing packet capture data, an analyst sees that one IP is sending and receiving traffic for multiple devices by modifying the IP header.
Which technology makes this behavior possible?

  • A. encapsulation
  • B. tunneling
  • C. NAT
  • D. TOR

Correct answer: C

Explanation:
Section: Network Intrusion Analysis

 

Question 44
Drag and drop the access control models from the left onto the correct descriptions on the right.

Correct answer:

Explanation:

 

Question 45
Which category relates to improper use or disclosure of PII data?

  • A. legal
  • B. contractual
  • C. regulated
  • D. compliance

Correct answer: C

Explanation:
Section: Security Policies and Procedures

 

Question 46
An intruder attempted malicious activity and exchanged emails with a user and received corporate information, including email distribution lists. The intruder asked the user to engage with a link in an email. When the link launched, it infected machines and the intruder was able to access the corporate network.
Which testing method did the intruder use?

  • A. piggybacking
  • B. eavesdropping
  • C. social engineering
  • D. tailgating

Correct answer: C

 

Question 47
Refer to the exhibit.

Which type of log is displayed?

  • A. IDS
  • B. proxy
  • C. NetFlow
  • D. sys

Correct answer: C

 

Question 48
A user received a malicious attachment but did not run it.
Which category classifies the intrusion?

  • A. weaponization
  • B. delivery
  • C. installation
  • D. reconnaissance

Correct answer: B

Explanation:
Section: Security Concepts

 

Question 49
What is a sandbox interprocess communication service?

  • A. A collection of network services that are activated on an interface, allowing for inter-port communication.
  • B. A collection of host services that allow for communication between sandboxes.
  • C. A collection of interfaces that allow for coordination of activities among processes.
  • D. A collection of rules within the sandbox that prevent the communication between sandboxes.

Correct answer: D

 

Question 50
Which process is used when IPS events are removed to improve data integrity?

  • A. data normalization
  • B. data availability
  • C. data signature
  • D. data protection

Correct answer: A

 

Question 51
What is the principle of defense-in-depth?

  • A. Access control models are involved.
  • B. Agentless and agent-based protection for security are used.
  • C. Several distinct protective layers are involved.
  • D. Authentication, authorization, and accounting mechanisms are used.

Correct answer: C

 

Question 52
Which event is user interaction?

  • A. reading and writing file permission
  • B. executing remote code
  • C. opening a malicious file
  • D. gaining root access

Correct answer: C

 

Question 53
When trying to evade IDS/IPS devices, which mechanism allows the user to make the data incomprehensible without a specific key, certificate, or password?

  • A. encryption
  • B. fragmentation
  • C. steganography
  • D. pivoting

Correct answer: A

Explanation:
https://techdifferences.com/difference-between-steganography-and-cryptography.html#:~:text=The%20steganog

 

Question 54

Refer to the exhibit. What is the potential threat identified in this Stealthwatch dashboard?

  • A. Host 152.46.6.91 is being identified as a watchlist country for data transfer.
  • B. Traffic to 152.46.6.149 is being denied by an Advanced Network Control policy.
  • C. Host 10.201.3.149 is sending data to 152.46.6.91 using TCP/443.
  • D. Host 10.201.3.149 is receiving almost 19 times more data than is being sent to host 152.46.6.91.

Correct answer: D

Explanation:
Section: Host-Based Analysis

 

Question 55
How is attacking a vulnerability categorized?

  • A. delivery
  • B. exploitation
  • C. installation
  • D. action on objectives

Correct answer: B

 

Question 56
Which signature impacts network traffic by causing legitimate traffic to be blocked?

  • A. false negative
  • B. true negative
  • C. true positive
  • D. false positive

Correct answer: D

 

Question 57
......
