Exam Details

  • Exam Code: 200-201
  • Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
  • Certification: CyberOps Associate
  • Vendor: Cisco
  • Total Questions: 406 Q&As
  • Last Updated: Apr 23, 2024

Cisco CyberOps Associate 200-201 Questions & Answers

  • Question 41:

    Which data type is necessary to get information about source/destination ports?

    A. statistical data

    B. session data

    C. connectivity data

    D. alert data

  • Question 42:

    Which security technology allows only a set of pre-approved applications to run on a system?

    A. application-level blacklisting

    B. host-based IPS

    C. application-level whitelisting

    D. antivirus

  • Question 43:

    What is the difference between rule-based detection and behavioral detection?

    A. Rule-Based detection is searching for patterns linked to specific types of attacks, while behavioral is identifying per signature.

    B. Rule-Based systems have established patterns that do not change with new data, while behavioral changes.

    C. Behavioral systems are predefined patterns from hundreds of users, while Rule-Based only flags potentially abnormal patterns using signatures.

    D. Behavioral systems find sequences that match a particular attack signature, while Rule-Based identifies potential attacks.

  • Question 44:

    What is the difference between vulnerability and risk?

    A. A vulnerability is a sum of possible malicious entry points, and a risk represents the possibility of the unauthorized entry itself.

    B. A risk is a potential threat that an exploit applies to, and a vulnerability represents the threat itself.

    C. A vulnerability represents a flaw in security that can be exploited, and the risk is the potential damage it might cause.

    D. A risk is a potential threat that adversaries use to infiltrate the network, and a vulnerability is an exploit.

  • Question 45:

    Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?

    A. syslog messages

    B. full packet capture

    C. NetFlow

    D. firewall event logs

  • Question 46:

    Refer to the exhibit.

    What is occurring in this network traffic?

    A. High rate of SYN packets being sent from multiple sources towards a single destination IP.

    B. High rate of ACK packets being sent from a single source IP towards multiple destination IPs.

    C. Flood of ACK packets coming from a single source IP to multiple destination IPs.

    D. Flood of SYN packets coming from a single source IP to a single destination IP.

  • Question 47:

    What is an example of a social engineering attack?

    A. receiving an unexpected email from an unknown person with an attachment from someone in the same company

    B. receiving an email from human resources requesting a visit to their secure website to update contact information

    C. sending a verbal request to an administrator who knows how to change an account password

    D. receiving an invitation to the department's weekly WebEx meeting

  • Question 48:

    Which two components reduce the attack surface on an endpoint? (Choose two.)

    A. secure boot

    B. load balancing

    C. increased audit log levels

    D. restricting USB ports

    E. full packet captures at the endpoint

  • Question 49:

    Why is HTTPS traffic difficult to screen?

    A. HTTPS is used internally and screening traffic for external parties is hard due to isolation.

    B. The communication is encrypted and the data in transit is secured.

    C. Digital certificates secure the session, and the data is sent at random intervals.

    D. Traffic is tunneled to a specific destination and is inaccessible to others except for the receiver.

  • Question 50:

    Which artifact is used to uniquely identify a detected file?

    A. file timestamp

    B. file extension

    C. file size

    D. file hash
