200-201試験無料問題集（332題）「Cisco Understanding Cisco Cybersecurity Operations Fundamentals 認定」

出題：1

One of the objectives of information security is to protect the CIA of information and systems. What does CIA mean in this context?

A. confidentiality, identity, and availability

B. confidentiality, integrity, and availability

C. confidentiality, identity, and authorization

D. confidentiality, integrity, and authorization

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

What is a benefit of using asymmetric cryptography?

A. fast data transfer

B. encrypts data with one key

C. secure data transfer

D. decrypts data with one key

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Which type of attack occurs when an attacker is successful in eavesdropping on a conversation between two IP phones?

A. replay

B. man-in-the-middle

C. dictionary

D. known-plaintext

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Refer to the exhibit Drag and drop the element names from the left onto the corresponding pieces of the PCAP file on the right.

正解：

出題：5

An analyst is investigating an incident in a SOC environment. Which method is used to identify a session from a group of logs?

A. timestamps

B. IP identifier

C. 5-tuple

D. sequence numbers

正解：C 解答を投票する

出題：6

Why should an engineer use a full packet capture to investigate a security breach?

A. It collects metadata for the engineer to analyze, including IP traffic packet data that is sorted, parsed, and indexed.

B. It reconstructs the event allowing the engineer to identify the root cause by seeing what took place during the breach

C. It provides the full TCP streams for the engineer to follow the metadata to identify the incoming threat.

D. It captures the TCP flags set within each packet for the engineer to focus on suspicious packets to identify malicious activity

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

What is the virtual address space for a Windows process?

A. system-level memory protection feature built into the operating system

B. set of virtual memory addresses that can be used

C. physical location of an object in memory

D. set of pages that reside in the physical memory

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

How can TOR impact data visibility inside an organization?

A. increases security

B. no impact

C. increases data integrity

D. decreases visibility

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

An employee reports that someone has logged into their system and made unapproved changes, files are out of order, and several documents have been placed in the recycle bin. The security specialist reviewed the system logs, found nothing suspicious, and was not able to determine what occurred. The software is up to date; there are no alerts from antivirus and no failed login attempts. What is causing the lack of data visibility needed to detect the attack?

A. The threat actor used a dictionary-based password attack to obtain credentials.

B. The threat actor used the teardrop technique to confuse and crash login services.

C. The threat actor gained access to the system by known credentials.

D. The threat actor used an unknown vulnerability of the operating system that went undetected.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

Refer to the exhibit.
What is the expected result when the "Allow subdissector to reassemble TCP streams" feature is enabled?

A. extract a file from a packet capture

B. insert TCP subdissectors

C. disable TCP streams

D. unfragment TCP

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

What is a collection of compromised machines that attackers use to carry out a DDoS attack?

A. botnet

B. VLAN

C. subnet

D. command and control

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

After a large influx of network traffic to externally facing devices, a security engineer begins investigating what appears to be a denial of service attack When the packet capture data is reviewed, the engineer notices that the traffic is a single SYN packet to each port Which type of attack is occurring?

A. host profiling

B. port scanning

C. SYN flood

D. traffic fragmentation

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

A malicious file has been identified in a sandbox analysis tool.
Which piece of information is needed to search for additional downloads of this file by other hosts?

A. file size

B. file name

C. file hash value

D. file header type

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：14

Which security model assumes an attacker within and outside of the network and enforces strict verification before connecting to any system or resource within the organization?

A. Zero Trust

B. Object-capability

C. Biba

D. Take-Grant

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

200-201試験無料問題集「Cisco Understanding Cisco Cybersecurity Operations Fundamentals 認定」