Cisco 200-201 Online Practice Questions and Exam Preparation

Cisco 200-201 Online Questions & Answers

• Question 201:

  In digital communications, which method is recommended for securely exchanging public keys between users T0n2262144790 and D4n4126220794?

  A. Hardware Security Module
  B. Automated Certificate Management Environment
  C. Pretty Good Privacy
  D. Secure Multipurpose Internet Mail Extensions
  C. Pretty Good Privacy

• Question 202:

  Which component is responsible for assigning IP addresses to devices on a network?

  A. DNS
  B. DHCP
  C. NAT
  D. SNMP
  B. DHCP

  ---

  Explanation

  Dynamic Host Configuration Protocol (DHCP) is responsible for automatically assigning IP addresses and other network configuration parameters to devices on a network. This simplifies network management and ensures that each device has a unique address. DNS (A) resolves domain names to IP addresses, NAT (C) translates private IP addresses to public ones, and SNMP (D) is used for network management and monitoring. DHCP operates by leasing IP addresses to devices for a specified period. It plays a critical role in network operations and security, as misconfigured or rogue DHCP servers can lead to network disruptions or attacks. Monitoring DHCP activity helps ensure proper network configuration and detect anomalies.

• Question 203:

  Which type of evasion technique is accomplished by separating the traffic into smaller segments before transmitting across the network?

  A. encryption
  B. tunneling
  C. proxies
  D. fragmentation
  D. fragmentation

• Question 204:

  Which technique is commonly used to exploit database vulnerabilities?

  A. cross-site scripting
  B. SQL injection
  C. phishing
  D. ARP spoofing
  B. SQL injection

  ---

  Explanation

  SQL injection is a technique used to exploit vulnerabilities in database-driven applications by inserting malicious SQL queries into input fields. This allows attackers to read, modify, or delete data from the database. It is one of the most common web application vulnerabilities. Cross-site scripting (A) targets users by injecting scripts into web pages. Phishing (C) is a social engineering attack. ARP spoofing (D) targets network communication. SQL injection exploits improper input validation and lack of parameterized queries. Preventing SQL injection involves using prepared statements, input sanitization, and proper access controls. It directly impacts the confidentiality and integrity of data stored in databases, making it a critical vulnerability to address in secure application development.

• Question 205:

  Refer to the exhibit.

  

  What is occurring?

  A. ARP flood
  B. DNS amplification
  C. ARP poisoning
  D. DNS tunneling
  B. DNS amplification

• Question 206:

  What are two differences in how tampered and untampered disk images affect a security incident? (Choose two.)

  A. Untampered images are used in the security investigation process
  B. Tampered images are used in the security investigation process
  C. The image is tampered if the stored hash and the computed hash match
  D. Tampered images are used in the incident recovery process
  E. The image is untampered if the stored hash and the computed hash match
  A. Untampered images are used in the security investigation process
  E. The image is untampered if the stored hash and the computed hash match

  ---

  Explanation

  Cert Guide by Omar Santos, Chapter 9 - Introduction to digital Forensics. "When you collect evidence, you must protect its integrity. This involves making sure that nothing is added to the evidence and that nothing is deleted or destroyed (this is known as evidence preservation)."

• Question 207:

  DRAG DROP

  Drag and drop the technology on the left onto the data type the technology provides on the right.

  Select and Place:

  

  

• Question 208:

  Which two elements of the incident response process are stated in NIST Special Publication 800-61 r2? (Choose two.)

  A. detection and analysis
  B. post-incident activity
  C. vulnerability management
  D. risk assessment
  E. vulnerability scoring
  A. detection and analysis
  B. post-incident activity

  ---

  Explanation

  References:

  https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

• Question 209:

  Refer to the exhibit.

  

  What is the potential threat identified in this Stealthwatch dashboard?

  A. A policy violation is active for host 10.10.101.24.
  B. A host on the network is sending a DDoS attack to another inside host.
  C. There are two active data exfiltration alerts.
  D. A policy violation is active for host 10.201.3.149.
  C. There are two active data exfiltration alerts.

• Question 210:

  What are two differences of deep packet inspection compared to stateful firewall inspection? (Choose two.)

  A. static lists for maintaining a strict access control level
  B. different rule configurations based on payload pattern
  C. quality of service capabilities based on list definitions
  D. offers application-level monitoring
  E. inspection of only the first packet during a connection attempt
  B. different rule configurations based on payload pattern
  D. offers application-level monitoring