200-201 Exam Free Question Bank: "Cisco Understanding Cisco Cybersecurity Operations Fundamentals Certification"

Which step in the incident response process researches an attacking host through logs in a SIEM?

What is a difference between an inline and a tap mode traffic monitoring?

Which two elements are assets in the role of attribution in an investigation? (Choose two.)

What is the communication channel established from a compromised machine back to the attacker?

Why should an engineer use a full packet capture to investigate a security breach?

A security engineer notices confidential data being exfiltrated to a domain "Ranso4134-mware31-895" address that is attributed to a known advanced persistent threat group. The engineer discovers that the activity is part of a real attack and not a network misconfiguration. Which category does this event fall under as defined in the Cyber Kill Chain?

A user received a targeted spear-phishing email and identified it as suspicious before opening the content. To which category of the Cyber Kill Chain model does this type of event belong?

Refer to the exhibit.

What is the potential threat identified in this Stealthwatch dashboard?

Refer to the exhibit.

An engineer received an event log file to review. Which technology generated the log?

Refer to the exhibit.

What does the message indicate?
Refer to the exhibit. A SOC analyst is examining the Windows security logs of one of the endpoints. What is the possible reason for this event log?

Which open-source packet capture tool uses Linux and Mac OS X operating systems?

A SOC analyst is investigating an incident that involves a Linux system that is identifying specific sessions.
Which identifier tracks an active program?

Which action matches the weaponization step of the Cyber Kill Chain Model?

Which action prevents buffer overflow attacks?

What is the benefit of processing statistical data for security systems?

An analyst discovers that a legitimate security alert has been dismissed. Which signature caused this impact on network traffic?
