200-201試験無料問題集（332題）「Cisco Understanding Cisco Cybersecurity Operations Fundamentals 認定」

出題：1

What is the difference between inline traffic interrogation and traffic mirroring?

A. Inline interrogation is less complex as traffic mirroring applies additional tags to data.

B. Traffic mirroring copies the traffic rather than forwarding it directly to the analysis tools

C. Inline replicates the traffic to preserve integrity rather than modifying packets before sending them to other analysis tools.

D. Traffic mirroring results in faster traffic analysis and inline is considerably slower due to latency.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Refer to the exhibit. Where is the executable file?

A. MIME

B. tags

C. info

D. name

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Which attack method is being used when an attacker tries to compromise a network with an authentication system that uses only 4-digit numeric passwords and no username?

A. SQL injection

B. replay

C. cross-site scripting

D. dictionary

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Which tool gives the ability to see session data in real time?

A. tcpdstat

B. trafdump

C. tcptrace

D. trafshow

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

What is an example of social engineering attacks?

A. sending a verbal request to an administrator who knows how to change an account password

B. receiving an email from human resources requesting a visit to their secure website to update contact information

C. receiving an unexpected email from an unknown person with an attachment from someone in the same company

D. receiving an invitation to the department's weekly WebEx meeting

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

What is the difference between vulnerability and risk?

A. A risk is a potential threat that an exploit applies to, and a vulnerability represents the threat itself

B. A risk is potential threat that adversaries use to infiltrate the network, and a vulnerability is an exploit

C. A vulnerability is a sum of possible malicious entry points, and a risk represents the possibility of the unauthorized entry itself.

D. A vulnerability represents a flaw in a security that can be exploited, and the risk is the potential damage it might cause.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Refer to the exhibit.
What does the message indicate?

A. a denied access attempt was made to retrieve the password file

B. a successful access attempt was made to retrieve the root of the website

C. an access attempt was made from the Mosaic web browser

D. a successful access attempt was made to retrieve the password file

正解：B 解答を投票する

出題：8

Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?

A. data mining

B. rapid response

C. decision making

D. due diligence

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

According to CVSS, what is a description of the attack vector score?

A. The metric score will be larger when a remote attack is more likely.

B. It depends on how far away the attacker is located and the vulnerable component

C. It depends on how many physical and logical manipulations are possible on a vulnerable component

D. The metric score will be larger when it is easier to physically touch or manipulate the vulnerable component

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

What is a difference between SI EM and SOAR security systems?

A. SOAR collects and stores security data at a central point and then converts it into actionable intelligence, and SIEM enables SOC teams to automate and orchestrate manual tasks

B. SIEM combines data collecting, standardization, case management, and analytics for a defense-in-depth concept, and SOAR collects security data antivirus logs, firewall logs, and hashes of downloaded files

C. SIEM raises alerts in the event of detecting any suspicious activity, and SOAR automates investigation path workflows and reduces time spent on alerts

D. SOAR ingests numerous types of logs and event data infrastructure components and SIEM can fetch data from endpoint security software and external threat intelligence feeds

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

Which event artifact is used to identify HTTP GET requests for a specific file?

A. HTTP status code

B. TCP ACK

C. URI

D. destination IP address

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

Refer to the exhibit. An employee received an email from an unknown sender with an attachment and reported it as a phishing attempt. An engineer uploaded the file to Cuckoo for further analysis. What should an engineer interpret from the provided Cuckoo report?

A. The file is clean and does not represent a risk.

B. MD5 of the file was not identified as malicious.

C. Cuckoo cleaned the malicious file and prepared it for usage.

D. Win32.polip.a.exe is an executable file and should be flagged as malicious.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

Which attack method intercepts traffic on a switched network?

A. ARP cache poisoning

B. denial of service

C. DHCP snooping

D. command and control

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

200-201試験無料問題集「Cisco Understanding Cisco Cybersecurity Operations Fundamentals 認定」