CBT IT Certification Training

Unlimited IT Certification Courses via Streaming Video


Cisco CyberOps Associate [200-201]

Free Cisco CyberOps Practice Test – 200-201


1. This type of attack is another type of denial-of-service attack that sends a flood of protocol request packets to various IP hosts on a network. The idea is that the attacker will spoof the source as a target device. The hosts that receive these flooded packets become the reflectors, so they reflect, or respond back to, the unsuspecting target. That device then gets flooded with all of these responses to something it didn't even ask for.

Question 1 of 50

2. This access control method is based on the user's work function within the organization, and access is allowed or denied on the basis of a set of rules defined by the system administrator.

Question 2 of 50

3. It is a free tool that allows users to surf the web anonymously.
It works by 'routing' IP traffic through a free, worldwide network of thousands of relays.
Then it constantly changes the way the traffic is routed to obscure the location of the user from anyone monitoring the network.

Question 3 of 50

4. When deciding to implement a full packet capture, what considerations should be taken into account before implementing it? (Choose 4)

Question 4 of 50

5. After a security incident has been detected and sufficient analysis has been performed to determine that the incident is valid, it must be contained in order to determine what to do about it.
Strategies and procedures for incident containment need to be in place before an incident occurs and implemented before there is widespread damage. Which phase is this?

Question 5 of 50

6. It attempts to consume all the resources that a computer or network makes available to legitimate clients.
This is a very important issue, because it could disrupt the entire operation of a business.

Question 6 of 50

7. This access control method enables each user to control access to their own data.
Instead of a security label, as in the case of MAC, each resource in this system has an access-list attached to it.

Question 7 of 50

8. Which two of the following statements are true about host-based antivirus software? (Choose two.)

Question 8 of 50

9. In this type of attack, the attacker creates a fragment of a packet and offsets the value in the IP header to indicate that the size of this packet is more than 65,536 bytes.
So whenever a vulnerable machine gets this type of fragment, it tries to set up buffers to fit the size of the packet.
Then, all of a sudden, there are no more resources left, because all of this buffer space is allocated to a packet whose fragment offset is set to a large size even though the packet isn't that big.

Question 9 of 50

10. In the IPS Alert matrix, an abundance of this kind of alert becomes a significant burden for IPS analysts, as these can obscure the console and hide true positive alerts.

Question 10 of 50

11. A ___________ is a system weakness or a design that can be exploited through a threat.
These are sometimes found in the protocols themselves, as in the case of TCP/IP.

Question 11 of 50

12. This incident response stakeholder might need to perform disciplinary measures if an incident caused by an employee occurs.

Question 12 of 50

13. In data classification, these data are very difficult to obtain, and it sometimes costs a considerable amount to ensure their secrecy.
Usually, few people have access to this data, based only on a requirement to know this information.

Question 13 of 50

14. ________________ minimize errors that may be caused by personnel who are under stress while participating in incident handling.
What is this?

Question 14 of 50

15. In security deployments, the continuum of attack is divided into three phases. What are those? (Choose 3)

Question 15 of 50

16. Source and destination IP addresses are usually shown in NetFlow records and security events. What other artifacts are part of NetFlow records? (Choose 2)

Question 16 of 50

17. ___________ is a function of the likelihood of a particular potential vulnerability being exercised by a particular threat source and the resulting impact of that adverse event on the organization.

Question 17 of 50

18. It refers to a dictionary of publicly known information security vulnerabilities and exposures.

Question 18 of 50

19. It refers to a security feature that correlates and translates an IP address map to NetFlow. This feature is provided by Cisco's Stealthwatch system.

Question 19 of 50

20. Which of these options refers to the first 3 steps involved in the Cyber Kill Chain?

Question 20 of 50

21. This protocol is a connectionless protocol that is primarily used to route information over the Internet.
This protocol depends on the upper-level layers to ensure accountability and reliability.

Question 21 of 50

22. This type of firewall is implemented in the Linux user space, works at the application layer, and is used to permit or deny access to a specific service.

Question 22 of 50

23. This access control method intelligently filters TCP and UDP packets based on application layer log information.
It can be used for intranets, extranets and the Internet because of its inherent ability to distill packets (TCP and UDP) based on application protocol session information.

Question 23 of 50

24. Which of the following is an example of a packet capture program?

Question 24 of 50

25. Malicious Windows operating system code that shares a single virtual address space and can manage the system CPU and memory resources directly is running in which mode?

Question 25 of 50

26. In Security Onion, it is a feature that provides audit records of every network session that is seen on the wire.
It also provides audit records at the application layer.

Question 26 of 50

27. In Linux, which command allows a user to view a list of open files/connections?

Question 27 of 50

28. Which security management concept addresses the inventory and control of hardware and software configurations of systems?

Question 28 of 50

29. This incident response stakeholder designs the budget and is in charge of staffing all of the departments.

Question 29 of 50

30. This NIST standard is a valuable resource for organizations that require guidance in developing digital forensics plans.

Question 30 of 50

31. Which of the following is true about NetFlow?

Question 31 of 50

32. After the weapon has been delivered, the threat actor uses it to break the vulnerability and gain control of the target.

Which Cyber Kill Chain step does this refer to?

Question 32 of 50

33. Which of the following statements describe the features of anomaly detection? (Choose 4)

Question 33 of 50

34. It evaluates the data part and the header of a packet that is transmitted through an inspection point, weeding out any non-compliance to protocol, spam, viruses, intrusions, and any other defined criteria to block the packet from passing through the inspection point.

Question 34 of 50

35. This security management concept requires a robust means of identifying weaknesses based on vendor security bulletins and other information systems such as CVE. What is this?

Question 35 of 50

36. Regarding malware protection, which statement is true?

Question 36 of 50

37. This tool is a command-line utility that allows you to capture and analyze network traffic through your system.
It is often used to help resolve network issues, as well as serving as a security tool.
It can be used in a variety of cases as a powerful and versatile tool that includes many options and filters.
Since it is a command-line tool, it is ideal to run on remote servers or devices for which a GUI is not available, to collect data that can be analyzed later.

Question 37 of 50

38. ________ is a new platform for the integration of multiple security technologies from a single point of view, for ease of control and unified policy across on-site and cloud assets.
It is an open, cloud-based platform that connects the Cisco-integrated security portfolio to existing (non-Cisco) security products.

Question 38 of 50

39. This phase is when the CSIRT is created and trained.
This phase is also when the tools and assets that will be needed by the team to investigate incidents are acquired and deployed.

Question 39 of 50

40. Which Cisco AMP for Endpoints feature is used during post-incident investigations to determine the source (patient zero) of the malware?

Question 40 of 50

41. In Cisco security products, it provides comprehensive cloud-based security and controls for unique corporate email challenges, including email content, email attachments, and embedded URLs.

Question 41 of 50

42. If the Downloads directory is in the home directory, which three of the following commands will navigate you to the Downloads directory? (Choose three.)

Question 42 of 50

43. You encountered malware that automatically runs upon bootup in its own Windows sessions, without any user interface. Which Windows component can be used to keep the malware from starting automatically?

Question 43 of 50

44. The process that is known as piping performs which of the following?

Question 44 of 50

45. Which of the following are used as the main techniques for deep packet inspection? (Choose 3)

Question 45 of 50

46. In the IPS Alert matrix, very high priority is given to minimizing this type of alert. The consequence can be catastrophic, and signatures need to be continuously updated as new exploits are discovered and hacking techniques

Question 46 of 50

47. Which of the following regular expressions will match any IP address on the 10.1.2.0/24 network?

Question 47 of 50

48. It refers to a piece of software, a tool, a technique, or a process that takes advantage of a weakness or flaw that leads to access, privilege escalation, loss of integrity, or denial of service on a computer system.

Question 48 of 50

49. NetFlow is a great tool for anomaly and DDoS detection. Before implementing these detection capabilities, you should perform which of the following tasks?

Question 49 of 50

50. When investigating Windows-based security incidents, which can cause the most damage to the integrity of the Windows operating system?

Question 50 of 50


Copyright Reality Press Ltd. / Paul Browning