Cisco 200-201 Online Practice Questions and Exam Preparation

Cisco 200-201 Online Questions & Answers

• Question 161:

  Which technology assures that the information transferred from point A to point B is unaltered and authentic?

  A. Subject Alternative Name
  B. Trust anchor
  C. Digital certificates
  D. EMV signatures
  B. Trust anchor

• Question 162:

  Refer to the exhibit.

  

  What is occurring within the exhibit?

  A. regular GET requests
  B. XML External Entities attack
  C. insecure deserialization
  D. cross-site scripting attack
  A. regular GET requests

  ---

  Explanation

  References:

  https://www.tutorialspoint.com/http/http_requests.htmhttps://github.com/gwroblew/detectXSSlib/blob/master/test/attacks.txt

• Question 163:

  Refer to the exhibit.

  

  Which alert is identified from this packet capture?

  A. man-in-the-middle attack
  B. brute-force attack
  C. ARP poisoning
  D. SQL injection
  B. brute-force attack

• Question 164:

  

  Refer to the exhibit.

  What occurred on this system based on this output?

  A. A user connected to the system using remote access VPN.
  B. A user connected to the system after 450 attempts.
  C. A user connected to the system using SSH using source port 55796.
  D. A user created a new HTTP session using the SHA256 hashing algorithm.
  C. A user connected to the system using SSH using source port 55796.

• Question 165:

  Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?

  A. availability
  B. confidentiality
  C. scope
  D. integrity
  D. integrity

• Question 166:

  What is a description of "phishing" as a social engineering attack?

  A. Fake Social Security Administration personnel contact random individuals, inform them that there has been a computer problem on their end, and ask that those individuals confirm their Social Security Number, all for the purpose of committing identity theft.
  B. A hacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link.
  C. The attacker focuses on creating a good pretext, or a fabricated scenario, that is used to try and steal victims' personal information.
  D. Someone without the proper authentication follows an authenticated employee into a restricted area. The attacker might impersonate a delivery driver and wait outside a building to get things started.
  B. A hacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link.

• Question 167:

  What is email greylisting as implemented by a mail transfer agent (MTA)?

  A. quarantining emails sent from outside the organization
  B. denying any email from an unrecognized sender
  C. returning emails that are potential phishing attempts
  D. allowing emails from unknown senders temporarily
  D. allowing emails from unknown senders temporarily

  ---

  Explanation

  Email greylisting is an anti-spam technique used by mail transfer agents to reduce unsolicited and malicious email traffic. When an email is received from an unknown sender, the MTA temporarily rejects the message with a request for retransmission. Legitimate mail servers are configured to retry delivery after a short delay, while many spam and malicious servers do not.

  By allowing emails from unknown senders temporarily after a retry, greylisting effectively filters out a large volume of automated spam without relying on content inspection or signatures. This makes it a lightweight and effective control in email security architectures. Option A describes quarantining, which is different from greylisting.

  Option B refers to permanent blocking, which greylisting does not do.

  Option C relates to phishing detection rather than delivery control behavior. Security monitoring documentation highlights greylisting as a behavior-based control that leverages standard SMTP retry mechanisms. Once a sender successfully retries, they are typically whitelisted for future deliveries.

  Therefore, email greylisting works by temporarily delaying emails from unknown senders, making Option D the correct answer.

• Question 168:

  What is the purpose of a SIEM solution?

  A. to collect and forward event logs to another log collection device to evaluate security threats
  B. to collect and correlate event log data to provide holistic views of the security posture of an environment
  C. to collect and categorize indicators of compromise to evaluate and search for potential security threats
  D. to monitor and manage firewall access control lists for duplicate firewall filtering
  B. to collect and correlate event log data to provide holistic views of the security posture of an environment

• Question 169:

  A developer is working on a project using a Linux tool that enables writing processes to obtain these required results:

  If the process is unsuccessful, a negative value is returned. If the process is successful, 0 value is returned to the child process, and the process ID is sent to the parent process.

  Which component results from this operation?

  A. parent directory name of a file pathname
  B. process spawn scheduled
  C. macros for managing CPU sets
  D. new process created by parent process
  D. new process created by parent process

  ---

  Explanation

  There are two tasks with specially distinguished process IDs: swapper or sched has process ID 0 and is responsible for paging, and is actually part of the kernel rather than a normal user-mode process. Process ID 1 is usually the init process primarily responsible for starting and shutting down the system. Originally, process ID 1 was not specifically reserved for init by any technical measures: it simply had this ID as a natural consequence of being the first process invoked by the kernel. More recent Unix systems typically have additional kernel components visible as 'processes', in which case PID 1 is actively reserved for the init process to maintain consistency with older systems

• Question 170:

  DRAG DROP

  Drag and drop the event term from the left onto the description on the right.

  Select and Place: