200-201 Exam Details

  • Exam Code: 200-201
  • Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
  • Certification: CyberOps Associate
  • Vendor: Cisco
  • Total Questions: 543 Q&As
  • Last Updated: May 24, 2026

Cisco 200-201 Online Questions & Answers

  • Question 91:

    Which security monitoring data type requires the largest storage space?

    A. transaction data
    B. statistical data
    C. session data
    D. full packet capture

  • Question 92:

    Which type of data collection requires the largest amount of storage space?

    A. alert data
    B. transaction data
    C. session data
    D. full packet capture

  • Question 93:

    According to CVSS, which condition is required for attack complexity metrics?

    A. man-in-the-middle attack
    B. attackers altering any file
    C. complete loss of protection
    D. total loss of availability

  • Question 94:

    For which items is an end-point application greylist used?

    A. items that have been installed with a baseline
    B. items that have been established as malicious
    C. items before being established as harmful or malicious
    D. items that have been established as authorized

  • Question 95:

    What is the role of NAT in data visibility?

    A. load balancing
    B. hiding IP addresses
    C. web filtering
    D. encrypting files

  • Question 96:

    Which element is included in an incident response plan as stated in NIST.SP800-61?

    A. security of sensitive information
    B. individual approach to incident response
    C. consistent threat identification
    D. approval of senior management

  • Question 97:

    A member of the SOC team is checking the dashboard provided by the Cisco Firepower Manager for further isolation actions.

    According to NIST SP800-61, in which phase of incident response is this action?

    A. Post-incident activity phase
    B. Preparation phase
    C. Detection and analysis phase
    D. Eradication and recovery phase

  • Question 98:

    DRAG DROP

    Drag and drop the definition from the left onto the phase on the right to classify intrusion events according to the Cyber Kill Chain model.

    Select and Place:

  • Question 99:

    What is the difference between attack surface and vulnerability?

    A. A vulnerability is a way of taking advantage of a system or resource, and an attack surface is a specific technique utilized by the vulnerability.
    B. An attack surface is a way of taking advantage of a system or resource, and a vulnerability is a specific technique utilized by the vulnerability.
    C. An attack surface describes how software or a system is exposed to potential attacks, and a vulnerability is an actual weakness that exposes the potential risk.
    D. A vulnerability describes how software or a system is exposed to potential attacks, and an attack surface is an actual weakness that exposes the potential risk.

  • Question 100:

    What is the role of an indicator of compromise in an investigation?

    A. It helps answer the question of why the attack took place.
    B. It identifies potentially malicious activity on a system or network.
    C. It is nonforensic data, which is easy to detect.
    D. It describes what and why something happened.
