[2024-04-06] 200-201 Certification Guide Questions and Answers Training [Q165-Q184]


Question # 165
When trying to evade IDS/IPS devices, which mechanism allows the user to make the data incomprehensible without a specific key, certificate, or password?

  • A. pivoting
  • B. fragmentation
  • C. steganography
  • D. encryption

Correct answer: D

Explanation:
Encryption transforms the payload so that it cannot be read without the key. Steganography (option C) only hides the fact that a message exists; anyone who knows the hiding scheme can recover it without any secret.
https://techdifferences.com/difference-between-steganography-and-cryptography.html#:~:text=The%20steganog
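The distinction the question turns on, shown side by side in an added example (this is not code from the page or from Cisco): a payload is hidden in the least significant bits of a constructed carrier and read back with no key, then the same payload is encrypted with a toy HMAC-SHA256 counter-mode keystream and is unreadable without the key. The carrier bytes, the payload string, the key material and the keystream construction are all assumptions made for the demonstration; a real deployment would use AES-GCM, not this toy stream.

```python
import hashlib
import hmac

# All inputs below are constructed for this example; nothing here comes from the page.


def make_carrier(n: int, seed: bytes = b"carrier") -> bytearray:
    """Deterministic pseudo-random bytes standing in for the pixels of a grayscale image."""
    out = bytearray()
    block = hashlib.sha256(seed).digest()
    while len(out) < n:
        out.extend(block)
        block = hashlib.sha256(block).digest()
    return out[:n]


def stego_embed(carrier: bytes, payload: bytes) -> bytearray:
    """LSB steganography: write a 2-byte length, then one payload bit per carrier byte."""
    msg = len(payload).to_bytes(2, "big") + payload
    if len(msg) * 8 > len(carrier):
        raise ValueError("carrier too small for payload")
    out = bytearray(carrier)
    i = 0
    for byte in msg:
        for shift in range(7, -1, -1):
            out[i] = (out[i] & 0xFE) | ((byte >> shift) & 1)  # replace only the LSB
            i += 1
    return out


def stego_extract(stego: bytes) -> bytes:
    """Anyone who knows the scheme can read the payload back: no key is involved."""
    bits = [b & 1 for b in stego]

    def read(offset: int, nbytes: int) -> bytes:
        out = bytearray()
        for k in range(nbytes):
            v = 0
            for j in range(8):
                v = (v << 1) | bits[offset + k * 8 + j]
            out.append(v)
        return bytes(out)

    length = int.from_bytes(read(0, 2), "big")
    return read(16, length)


def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Toy counter-mode keystream from HMAC-SHA256 (illustration only; use AES-GCM in practice)."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out.extend(hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest())
        counter += 1
    return bytes(out[:n])


def xor_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with the keystream is its own inverse."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, nonce, len(data))))


def demo() -> dict:
    payload = b"creds: admin:hunter2"  # constructed secret to smuggle past a content signature
    carrier = make_carrier(4096)
    stego = stego_embed(carrier, payload)
    key = hashlib.sha256(b"shared secret").digest()
    wrong_key = hashlib.sha256(b"guess").digest()
    nonce = bytes(8)
    ciphertext = xor_crypt(key, nonce, payload)
    return {
        # Steganography: every carrier byte changes by at most 1, and extraction needs no secret.
        "stego_roundtrip": stego_extract(stego) == payload,
        "max_byte_delta": max(abs(a - b) for a, b in zip(carrier, stego)),
        "payload_visible_in_stego": payload in bytes(stego),
        # Encryption: unreadable without the key, recovered with it, garbage with the wrong one.
        "payload_visible_in_ciphertext": payload in ciphertext,
        "decrypt_ok": xor_crypt(key, nonce, ciphertext) == payload,
        "wrong_key_ok": xor_crypt(wrong_key, nonce, ciphertext) == payload,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Both techniques defeat a naive substring signature on the wire, which is why the question frames them as evasion mechanisms; the difference the exam wants is that only the encrypted form stays incomprehensible to an analyst who has the bytes but not the key.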


Question # 166
An organization has recently adjusted its security stance in response to online threats made by a known hacktivist group.
What is the initial event called in NIST SP 800-61?

  • A. instigator
  • B. precursor
  • C. online assault
  • D. trigger

Correct answer: B

Explanation:
Section: Security Policies and Procedures
NIST SP 800-61 distinguishes a precursor (a sign that an incident may occur in the future, such as a public threat from a group) from an indicator (a sign that an incident may have occurred or is occurring now).


Question # 167
Which type of data consists of connection-level, application-specific records generated from network traffic?

  • A. alert data
  • B. statistical data
  • C. transaction data
  • D. location data

Correct answer: C

Explanation:
Section: Security Monitoring


Question # 168
An engineer is investigating a case of unauthorized usage of the "tcpdump" tool. The analysis revealed that a malicious insider attempted to sniff traffic on a specific interface. What type of information did the malicious insider attempt to obtain?

  • A. all information and data within the datagram
  • B. tagged ports being used on the network
  • C. all firewall alerts and resulting mitigations
  • D. tagged protocols being used on the network

Correct answer: A

Explanation:
tcpdump captures complete packets from the interface, so the insider could read every header and payload passing through it, not just port or protocol tags.


Question # 169
Refer to the exhibit.

What is the potential threat identified in this Stealthwatch dashboard?

  • A. Host 10.201.3.149 is sending data to 152.46.6.91 using TCP/443.
  • B. Host 10.201.3.149 is receiving almost 19 times more data than is being sent to host 152.46.6.91.
  • C. Traffic to 152.46.6.149 is being denied by an Advanced Network Control policy.
  • D. Host 152.46.6.91 is being identified as a watchlist country for data transfer.

Correct answer: B


Question # 170
What is the difference between an indicator of attack (IoA) and an indicator of compromise (IoC)?

  • A. IoA is the evidence that a security breach has occurred, and IoC allows organizations to act before the vulnerability can be exploited.
  • B. IoA refers to the individual responsible for the security breach, and IoC refers to the resulting loss.
  • C. IoC is the evidence that a security breach has occurred, and IoA allows organizations to act before the vulnerability can be exploited.
  • D. IoC refers to the individual responsible for the security breach, and IoA refers to the resulting loss.

Correct answer: C


Question # 171
While viewing packet capture data, an analyst sees that one IP is sending and receiving traffic for multiple devices by modifying the IP header.
Which technology makes this behavior possible?

  • A. tunneling
  • B. TOR
  • C. NAT
  • D. encapsulation

Correct answer: C

Explanation:
Section: Network Intrusion Analysis
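Why a capture taken outside the NAT device shows one address standing in for many hosts, as an added example rather than anything from the page: a minimal port address translation (PAT, the "NAT overload" most home and office gateways run) rewrites the source IP and port of outbound packets, keeps a state table, and uses that table to rewrite the destination of replies. The private and public addresses are constructed from the RFC 1918 and RFC 5737 documentation ranges; the `Packet` and `PortNat` names are this example's own.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    """The header fields that port address translation rewrites (constructed model, not a real parser)."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"


class PortNat:
    """Port address translation: many private hosts share one public IP, told apart by port."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self._next_port = first_port
        self._out = {}  # (private ip, private port, proto) -> public port
        self._in = {}   # (public port, proto) -> (private ip, private port)

    def outbound(self, pkt: Packet) -> Packet:
        """Rewrite the source of a packet leaving the private network and record the mapping."""
        key = (pkt.src_ip, pkt.src_port, pkt.proto)
        if key not in self._out:
            pub_port = self._next_port
            self._next_port += 1
            self._out[key] = pub_port
            self._in[(pub_port, pkt.proto)] = (pkt.src_ip, pkt.src_port)
        return replace(pkt, src_ip=self.public_ip, src_port=self._out[key])

    def inbound(self, pkt: Packet) -> Packet:
        """Rewrite the destination of a reply so it reaches the host that opened the flow."""
        try:
            priv_ip, priv_port = self._in[(pkt.dst_port, pkt.proto)]
        except KeyError:
            # Unsolicited inbound traffic has no state and is dropped by a real NAT as well.
            raise ValueError("no translation state for unsolicited inbound packet") from None
        return replace(pkt, dst_ip=priv_ip, dst_port=priv_port)


def demo():
    nat = PortNat("203.0.113.10")  # constructed public address
    inside = [
        Packet("192.168.1.10", 51000, "198.51.100.5", 443),
        Packet("192.168.1.11", 51000, "198.51.100.5", 443),  # same private port as .10
        Packet("192.168.1.12", 33000, "198.51.100.7", 80),
    ]
    outside = [nat.outbound(p) for p in inside]
    # A capture on the public side sees a single source IP for all three devices.
    outside_sources = {p.src_ip for p in outside}
    # Replies target the public IP/port; the state table routes each one back to its host.
    replies = [Packet(p.dst_ip, p.dst_port, p.src_ip, p.src_port) for p in outside]
    delivered = [nat.inbound(r) for r in replies]
    return outside, outside_sources, delivered


if __name__ == "__main__":
    outside, sources, delivered = demo()
    print("public-side sources:", sources)
    for o, d in zip(outside, delivered):
        print(f"{o.src_ip}:{o.src_port} -> reply delivered to {d.dst_ip}:{d.dst_port}")
```

The two hosts that both chose private port 51000 get distinct public ports, which is the detail that lets an analyst on the inside correlate a public-side flow with a specific device when the NAT translation log is available.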


Question # 172
An engineer received an alert about degraded performance of a critical server. Analysis showed a heavy CPU and memory load. What is the next step the engineer should take to investigate this resource usage?

  • A. Run "ps -d" to decrease the priority state of high-load processes to avoid resource exhaustion
  • B. Run "ps -ef" to understand which processes are taking a high amount of resources
  • C. Run "ps -m" to capture the existing state of daemons and map the required processes to find the gap
  • D. Run "ps -u" to find out who executed additional processes that caused a high load on a server

Correct answer: B

Explanation:
"ps -ef" lists every process with its owner, PID, parent PID, CPU figure and full command line, which is the first step in finding what is consuming the resources. The other options misdescribe the flags: "ps -d" selects processes other than session leaders and does not change priority (that is "renice"), "ps -m" shows threads after their processes, and "ps -u" filters by user.


Question # 173
How does TOR alter data content during transit?

  • A. It redirects destination traffic through multiple sources, avoiding traceability.
  • B. It traverses source traffic through multiple destinations before reaching the receiver.
  • C. It encrypts content and destination information over multiple layers.
  • D. It spoofs the destination and source information, protecting both sides.

Correct answer: C


Question # 174
At a company party, a guest asks questions about the company's user account format and password complexity.
How is this type of conversation classified?

  • A. Phishing attack
  • B. Social Engineering
  • C. Piggybacking
  • D. Password Revelation Strategy

Correct answer: B

Explanation:
Eliciting account-format and password-policy details in casual conversation is social engineering; phishing requires a fraudulent message or site, piggybacking is following someone through a controlled door, and "password revelation strategy" is not a recognized classification.


Question # 175
A SOC analyst detected connections to a known C&C server and port scanning activity against the main HR database servers from one of the HR endpoints via Cisco Stealthwatch. What are the two next steps of the SOC team according to the NIST SP 800-61 incident handling process? (Choose two)

  • A. Provide security awareness training to HR managers and employees
  • B. Detect the attack vector and analyze C&C connections
  • C. Block connection to this C&C server on the perimeter next-generation firewall
  • D. Isolate affected endpoints and take disk images for analysis
  • E. Update antivirus signature databases on affected endpoints to block connections to C&C

Correct answer: C, D


Question # 176
What describes a buffer overflow attack?

  • A. fetching data from memory buffer registers
  • B. suppressing the buffers in a process
  • C. overloading a predefined amount of memory
  • D. injecting new commands into existing buffers

Correct answer: C


Question # 177
Refer to the exhibit.

What is depicted in the exhibit?

  • A. IIS logs
  • B. UNIX-based syslog
  • C. Apache logs
  • D. Windows Event logs

Correct answer: C


Question # 178
Syslog collecting software is installed on the server. For log storage, a disk with a FAT-type partition is used. An engineer determined that log files are being corrupted when the 4 GB file size is exceeded. Which action resolves the issue?

  • A. Add space to the existing partition and lower the retention period.
  • B. Use an NTFS partition for log file storage.
  • C. Use FAT32 to exceed the limit of 4 GB.
  • D. Use the Ext4 partition because it can hold files up to 16 TB.

Correct answer: B

Explanation:
FAT32 limits a single file to 4 GB, so option C cannot help; NTFS has no per-file limit that a log file will reach in practice. Adding space (A) does not change the per-file limit.


Question # 179
Drag and drop the technology on the left onto the data type the technology provides on the right.

Correct answer:

Explanation:


Question # 180
Refer to the exhibit.

Which type of log is displayed?

  • A. IDS
  • B. sys
  • C. NetFlow
  • D. proxy

Correct answer: C


Question # 181
Refer to the exhibit.

What is occurring?

  • A. ARP flood
  • B. DNS amplification
  • C. DNS tunneling
  • D. ARP poisoning

Correct answer: C


Question # 182
Drag and drop the definition from the left onto the phase on the right to classify intrusion events according to the Cyber Kill Chain model.

Correct answer:

Explanation:


Question # 183
Which data type is necessary to get information about source/destination ports?

  • A. session data
  • B. alert data
  • C. statistical data
  • D. connectivity data

Correct answer: A

Explanation:
Session data provides the 5-tuple: source IP address and port, destination IP address and port, and protocol.
What is connectivity data? According to IBM, connectivity data defines how entities are connected in the network. It includes connections between different devices, and VLAN-related connections within the same device.
https://www.ibm.com/docs/en/networkmanager/4.2.0?topic=relationships-connectivity-data
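What an analyst actually does with session data, as an added example that is not part of the page: the block below parses constructed NetFlow-style session records into 5-tuples (Question 183), then runs two of the checks the earlier questions describe over them: the lopsided byte ratio between a host pair that Question 169's Stealthwatch dashboard flags, and the many-ports-from-one-source pattern behind the port scan in Question 175. The CSV lines, the hosts, the byte counts and the thresholds are all constructed for the demonstration; the 10.201.3.149 and 152.46.6.91 addresses are reused from Question 169 only so the ratio check has something familiar to find.

```python
import csv
import io
from collections import defaultdict

# Constructed session records in a NetFlow-like CSV layout (not the page's exhibit).
FLOWS = """\
start,src_ip,src_port,dst_ip,dst_port,proto,bytes_out,bytes_in
2024-04-06T09:00:01,10.201.3.149,51234,152.46.6.91,443,tcp,5400,102600
2024-04-06T09:00:03,10.201.3.149,51235,152.46.6.91,443,tcp,1200,22800
2024-04-06T09:01:00,10.10.20.5,40001,10.10.50.10,21,tcp,60,40
2024-04-06T09:01:00,10.10.20.5,40002,10.10.50.10,22,tcp,60,40
2024-04-06T09:01:00,10.10.20.5,40003,10.10.50.10,23,tcp,60,40
2024-04-06T09:01:00,10.10.20.5,40004,10.10.50.10,25,tcp,60,40
2024-04-06T09:01:01,10.10.20.5,40005,10.10.50.10,80,tcp,60,40
2024-04-06T09:01:01,10.10.20.5,40006,10.10.50.10,135,tcp,60,40
2024-04-06T09:01:01,10.10.20.5,40007,10.10.50.10,139,tcp,60,40
2024-04-06T09:01:01,10.10.20.5,40008,10.10.50.10,443,tcp,60,40
2024-04-06T09:01:02,10.10.20.5,40009,10.10.50.10,445,tcp,60,40
2024-04-06T09:01:02,10.10.20.5,40010,10.10.50.10,1433,tcp,60,40
2024-04-06T09:01:02,10.10.20.5,40011,10.10.50.10,3389,tcp,60,40
2024-04-06T09:02:00,10.10.20.7,51000,10.10.50.10,443,tcp,3000,9000
"""


def parse_flows(text: str) -> list:
    """Turn CSV session records into dicts with numeric ports and byte counts."""
    rows = []
    for r in csv.DictReader(io.StringIO(text)):
        rows.append({
            "src_ip": r["src_ip"], "src_port": int(r["src_port"]),
            "dst_ip": r["dst_ip"], "dst_port": int(r["dst_port"]),
            "proto": r["proto"],
            "bytes_out": int(r["bytes_out"]), "bytes_in": int(r["bytes_in"]),
        })
    return rows


def five_tuple(flow: dict) -> tuple:
    """The 5-tuple that session data carries and alert or statistical data does not."""
    return (flow["src_ip"], flow["src_port"], flow["dst_ip"], flow["dst_port"], flow["proto"])


def asymmetric_transfers(flows: list, min_ratio: float = 10.0) -> dict:
    """Host pairs where the source received at least min_ratio times the bytes it sent."""
    totals = defaultdict(lambda: [0, 0])  # (src, dst) -> [bytes_out, bytes_in]
    for f in flows:
        t = totals[(f["src_ip"], f["dst_ip"])]
        t[0] += f["bytes_out"]
        t[1] += f["bytes_in"]
    return {pair: round(i / o, 2) for pair, (o, i) in totals.items() if o > 0 and i / o >= min_ratio}


def port_scans(flows: list, min_ports: int = 10) -> dict:
    """Source/destination pairs where one source touched at least min_ports distinct ports."""
    ports = defaultdict(set)
    for f in flows:
        ports[(f["src_ip"], f["dst_ip"])].add(f["dst_port"])
    return {pair: sorted(p) for pair, p in ports.items() if len(p) >= min_ports}


if __name__ == "__main__":
    flows = parse_flows(FLOWS)
    print("first 5-tuple:", five_tuple(flows[0]))
    print("asymmetric transfers:", asymmetric_transfers(flows))
    print("port scans:", port_scans(flows))
```

Thresholds are the judgement call here: a 10:1 inbound ratio is normal for a client downloading from a CDN, so in practice the ratio check is scoped to destinations that are not known content hosts, and the distinct-port count is evaluated per time window rather than over a whole day.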


Question # 184
......


The Cisco 200-201 exam covers a wide range of topics, including security concepts, network security, security tools, and security policies and procedures. Candidates who pass it have the skills and knowledge needed to identify and mitigate security threats, detect and respond to security incidents, and implement effective security policies and procedures. The exam is designed to test a candidate's ability to apply these skills in real-world environments.


The Cisco 200-201, Understanding Cisco Cybersecurity Operations Fundamentals, is a certification exam offered by Cisco Systems, Inc. that validates a candidate's foundational knowledge of cybersecurity operations. It requires an understanding of security concepts, techniques and procedures; security monitoring, analysis and response; and governance, risk and compliance. Passing this exam is a step for individuals who want to pursue a career in cybersecurity or work in IT security.

Best Cisco 200-201 study guide and practice questions 2024: https://www.jpntest.com/shiken/200-201-mondaishu
