Exam Details

  • Exam Code: 200-201
  • Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
  • Certification: CyberOps Associate
  • Vendor: Cisco
  • Total Questions: 406 Q&As
  • Last Updated: May 06, 2024

Cisco CyberOps Associate 200-201 Questions & Answers

  • Question 291:

    What is the virtual address space for a Windows process?

    A. physical location of an object in memory

    B. set of pages that reside in the physical memory

    C. system-level memory protection feature built into the operating system

    D. set of virtual memory addresses that can be used

  • Question 292:

    Which metric should be used when evaluating the effectiveness and scope of a Security Operations Center?

    A. The average time the SOC takes to register and assign the incident.

    B. The total incident escalations per week.

    C. The average time the SOC takes to detect and resolve the incident.

    D. The total incident escalations per month.

  • Question 293:

    Which vulnerability type is used to read, write, or erase information from a database?

    A. cross-site scripting

    B. cross-site request forgery

    C. buffer overflow

    D. SQL injection

  • Question 294:

    What is a difference between SIEM and SOAR?

    A. SOAR predicts and prevents security alerts, while SIEM checks attack patterns and applies the mitigation.

    B. SIEM's primary function is to collect and detect anomalies, while SOAR is more focused on security operations automation and response.

    C. SIEM predicts and prevents security alerts, while SOAR checks attack patterns and applies the mitigation.

    D. SOAR's primary function is to collect and detect anomalies, while SIEM is more focused on security operations automation and response.

  • Question 295:

    Refer to the exhibit.

    An attacker scanned the server using Nmap. What did the attacker obtain from this scan?

    A. Identified a firewall device preventing the port state from being returned.

    B. Identified open SMB ports on the server

    C. Gathered information on processes running on the server

    D. Gathered a list of Active Directory users

  • Question 296:

    What are two social engineering techniques? (Choose two.)

    A. privilege escalation

    B. DDoS attack

    C. phishing

    D. man-in-the-middle

    E. pharming

  • Question 297:

    What is the practice of giving employees only those permissions necessary to perform their specific role within an organization?

    A. least privilege

    B. need to know

    C. integrity validation

    D. due diligence

  • Question 298:

    What is a benefit of using asymmetric cryptography?

    A. decrypts data with one key

    B. fast data transfer

    C. secure data transfer

    D. encrypts data with one key

  • Question 299:

    What makes HTTPS traffic difficult to monitor?

    A. SSL interception

    B. packet header size

    C. signature detection time

    D. encryption

  • Question 300:

    An analyst received a ticket regarding a degraded processing capability for one of the HR department's servers. On the same day, an engineer noticed a disabled antivirus software and was not able to determine when or why it occurred. According to the NIST Incident Handling Guide, what is the next phase of this investigation?

    A. Recovery

    B. Detection

    C. Eradication

    D. Analysis

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only Cisco exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 200-201 exam preparation and Cisco certification application, do not hesitate to visit Vcedump.com to find your solutions.