200-201試験無料問題集「Cisco Understanding Cisco Cybersecurity Operations Fundamentals 認定」

A. NetFlow collects metadata and traffic mirroring clones data.

B. NetFlow generates more data than traffic mirroring.

C. Traffic mirroring costs less to operate than NetFlow.

D. Traffic mirroring impacts switch performance and NetFlow does not.

A. statistical data

B. full packet capture

C. session data

D. transaction data

A. col[0-8]+our

B. colou?r

C. col[0-9]+our

D. colo?ur

A. fast data transfer

B. encrypts data with one key

C. secure data transfer

D. decrypts data with one key

A. A host on the network is sending a DDoS attack to another inside host.

B. A policy violation is active for host 10.201.3.149.

C. A policy violation is active for host 10.10.101.24.

D. There are two active data exfiltration alerts.

A. The metric score will be larger when a remote attack is more likely.

B. It depends on how far away the attacker is located and the vulnerable component

C. It depends on how many physical and logical manipulations are possible on a vulnerable component

D. The metric score will be larger when it is easier to physically touch or manipulate the vulnerable component

A. 10.128.0.2 sends POST/1.1 And POST requests, and the target responds with HTTP/1.1 200 Ok and HTTP/1.1 403 accordingly. This is an HTTP Reserve Bandwidth flood.

B. 10.0.0.2 sends GET/ HTTP/1.1 And Post request and the target responds with HTTP/1.1. 200 OC and HTTP/1.1 403 accordingly. This is an HTTP flood attempt.

C. 10.0.0.2 sends HTTP FORBIDDEN /1.1 And Post request, while the target responds with HTTP/1.1 200 Get and HTTP/1.1 403. This is an HTTP GET flood attack.

D. 10.128.0.2 sends HTTP/FORBIDDEN/ 1.1 and Get requests, and the target responds with HTTP/1.1 200 OK and HTTP/1.1 403. This is an HTTP cache bypass attack.

A. input sanitization

B. variable randomization

C. using a Linux operating system

D. using web based applications

A. Block connection to this C&C server on the perimeter next-generation firewall

B. Detect the attack vector and analyze C&C connections

C. Provide security awareness training to HR managers and employees

D. Update antivirus signature databases on affected endpoints to block connections to C&C

E. Isolate affected endpoints and take disk images for analysis

A. Rule-based detection involves the evaluation of events, and statistical detection requires an evaluated set of events to function Rule-based detection defines

B. legitimate data over a period of time, and statistical detection works on a predefined set of rules

C. Statistical detection defines legitimate data over time, and rule-based detection works on a predefined set of rules

D. Statistical detection involves the evaluation of events, and rule-based detection requires an evaluated set of events to function.

A. The file is ransomware.

B. The file will open a command interpreter when executed.

C. The file is spyware.

D. The file will open unsecure ports when executed.

A. incorrect TCP handshake

B. incorrect UDP handshake

C. incorrect snaplen configuration

D. incorrect OSI configuration

A. SQL injection

B. port scanning

C. man-in-the-middle

D. ping sweep

A. the individuals who perform an attack

B. an exploitable weakness in a system or its design

C. any potential danger to an asset

D. the sum of all paths for data into and out of the environment

A. bluesnarfing

B. SQL injection

C. denial-of-service

D. man-in-the-middle

A. vulnerability scoring

B. post-incident activity

C. vulnerability management

D. risk assessment

E. detection and analysis