200-201試験無料問題集（379題）「Cisco Understanding Cisco Cybersecurity Operations Fundamentals 認定」

出題：1

What is a difference between an inline and a tap mode traffic monitoring?

A. Inline mode monitors traffic path, examining any traffic at a wire speed, while a tap mode monitors traffic as it crosses the network.

B. Inline monitors traffic without examining other devices, while a tap mode tags traffic and examines the data from monitoring devices.

C. Tap mode monitors packets and their content with the highest speed, while the inline mode draws a packet path for analysis.

D. Tap mode monitors traffic direction, while inline mode keeps packet data as it passes through the monitoring devices.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Which event is a vishing attack?

A. impersonating a tech support agent during a phone call

B. setting up a rogue access point near a public hotspot

C. using a vulnerability scanner on a corporate network

D. obtaining disposed documents from an organization

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

How does an SSL certificate impact security between the client and the server?

A. by creating an integrated channel between the client and the server

B. by creating an encrypted channel between the client and the server

C. by enabling an authorized channel between the client and the server

D. by enabling an authenticated channel between the client and the server

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Which regex matches only on all lowercase letters?

A. a#z+

B. a*z+

C. [^a#z]+

D. [a#z]+

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

What is the benefit of processing statistical data for security systems?

A. provides fewer false negative events than full packet capture

B. detects suspicious behavior based on traffic baselining trends

C. uses less CPU and RAM resources than metadata-based monitoring

D. provides full visibility based on capture of packet traffic data

正解：B 解答を投票する

出題：6

Refer to the exhibit.

Which application-level protocol is being targeted?

A. TCP

B. HTTPS

C. FTP

D. HTTP

正解：D 解答を投票する

出題：7

Drag and drop the technology on the left onto the data type the technology provides on the right.

正解：

出題：8

Which technology should be used to implement a solution that makes routing decisions based on HTTP header, uniform resource identifier, and SSL session ID attributes?

A. Load balancer

B. Proxy server

C. IIS

D. AWS

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

Which action matches the weaponization step of the Cyber Kill Chain model?

A. Scan a host to find open ports and vulnerabilities

B. Construct the appropriate malware and deliver it to the victim.

C. Test and construct the appropriate malware to launch the attack

D. Research data on a specific vulnerability

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

Refer to the exhibit.

Which packet contains a file that is extractable within Wireshark?

A. 2318

B. 2542

C. 1986

D. 2317

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

What is the function of a command and control server?

A. It drops secondary payload into malware

B. It is used to regain control of the network after a compromise

C. It enumerates open ports on a network device

D. It sends instruction to a compromised system

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

A network engineer noticed in the NetFlow report that internal hosts are sending many DNS requests to external DNS servers A SOC analyst checked the endpoints and discovered that they are infected and became part of the botnet Endpoints are sending multiple DNS requests but with spoofed IP addresses of valid external sources What kind of attack are infected endpoints involved in1?

A. DNS hijacking

B. DNS amplification

C. DNS tunneling

D. DNS flooding

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

Endpoint logs indicate that a machine has obtained an unusual gateway address and unusual DNS servers via DHCP Which type of attack is occurring?

A. phishing

B. command injection

C. man in the middle attack

D. evasion methods

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：14

An analyst is investigating an incident in a SOC environment. Which method is used to identify a session from a group of logs?

A. timestamps

B. IP identifier

C. 5-tuple

D. sequence numbers

正解：C 解答を投票する

出題：15

What is the impact of encapsulation on the network?

A. Something significant is concealed from virtually separate networks.

B. Logically separate functions in the network are abstracted from their underlying structures.

C. Numerous local private addresses are mapped to a public one before the data is moved.

D. Web requests are taken on behalf of users and the response is collected from the web.

正解：B 解答を投票する

出題：16

Refer to the exhibit. Which set of actions must an engineer perform to identify and fix this issue?

A. Add client authentication to the certificate template, reissue, and apply the certificate.

B. Reinstall the IIS server to reset certificate details to default and try to connect to the server.

C. Remove the intermediate certificates and install the CA root certificate on each server.

D. Implement a different version of CA authority and install intermediate certificates.

正解：A 解答を投票する

200-201試験無料問題集「Cisco Understanding Cisco Cybersecurity Operations Fundamentals 認定」