200-201 VOL2 Question

1

• 200-201 Understanding Cisco Cybersecurity
  Operations Fundamentals (CBROPS) VOL2
• QUESTION NO 1
• Which of the following are generally categorized
  as the two main types of exploits regarding
  cybersecurity? (Select two)
• Worm
• Virus
• Known
• Malware
• Unknown
• Answer C, E

• QUESTION NO 2
• You want to implement a security solution that
  will analyze aggregated data, pulls threat data
  from external feeds, and automates the
  remediation of security events. Which solution
  does this best describe?
• SIEM
• SOAR
• Syslog
• SNMP
• Answer B

• QUESTION NO 3
• Which of the following are evasion techniques
  used by threat actors to avoid detection from IPS
  and IDS systems? (Select three)
• IP address spoofing
• Encryption
• Stenography
• Pivoting
• Fragmentation
• Answer A, B, E

QUESTION NO 4
2

• Which of the following tools could be used to
  defend against pivot attacks? (Select two)
• Access Control Lists
• IPSec encryption
• Network Segmentation using firewalls
• The use of a Certificate Authority (CA)
• Answer A, C

• QUESTION NO 5
• Which of the following describes a timing-based
  attack?
• Performing an attack after hours or on weekends.
• Performing an attack at a specific time of day.
• Sending malicious code to a host while it is at
  its busiest point in the day.
• Sending the malicious traffic at a slow pace in
  an attempt to circumvent IPS signature matching
• Answer D

• QUESTION NO 6
• Which of the following would be the biggest
  challenge for Intrusion Prevention Systems (IPS)
  to be able to identify malicious traffic?
• Oversized (Jumbo) packets
• Undersized 9runt) packets
• Encryption
• High bandwidth utilization
• Answer C

• QUESTION NO7
• Which of the following statements are true
  regarding the Secure Shell (SSH) Protocol?
  (Select three)
• A. It uses symmetric encryption
• B It uses asymmetric encryption
• It uses TCP port 20 and 21
• It uses TCP port 22
• It is less secure than telnet

3
E. It is more secure than telnet Answer A, D, F

• QUESTION NO 8
• Which of the following terms is used when a
  firewall is configured to hide the internal IPs
  from
• the public internet by translating the source IP
  addresses to a different IP address?
• IP address masking
• NAT
• VPN
• Access Control List (ACL)
• Answer B

• QUESTION NO 9
• Which of the following statements regarding Tor
  is correct (Select two)
• Tor makes security monitoring easier
• Tor routes IP packets through a network of relays
• Tor consistently routes traffic through the same
  path for optimal routing
• Tor can be used by malware to hide their true
  source
• Answer B, D

QUESTION NO 10 Which of the following Common
Vulnerability Scoring System (CVSS) scores
translate to a rating of low? A. 1.0 B. 5.0 C.
8.0 D. 9.0 Answer A
QUESTION NO 11
4

• What does the acronym TOR stand for when used
  with the study of Internet routing?
• The Onion Routing
• The Only Router
• Targeted Object Risk
• Threat Oriented Response
• Answer A

• QUESTION NO 12
• In an effort to mitigate man-in-the-middle
  attacks, you want to implement better security on
  your corporate website. Which of the following
  would you implement on this web server to
  accomplish this?
• HTTPS
• DNS Security
• HTTP
• SMTP
• Answer A

• QUESTION NO 13
• You need to communicate to corporate management
  the severity levels of your organizations
• cybersecurity vulnerabilities. Which of the
  following would be BEST to convey this
  information?
• CVSS
• Firewall and IPS logs
• Netflow data
• CVE
• Answer A

QUESTION NO 14 Which of the following Common
Vulnerability Scoring System (CVSS) scores
translate to a rating of high? A. 1.0 B. 5.0 C.
8.0 D. 90.0
5
Answer C

• QUESTION NO 15
• Your company has decided to host its web and
  applications servers with a cloud-based provider.
  From a security standpoint, what is the greatest
  concern you should have with this decision?
• Exposure of your company data to other clients of
  the cloud-based provider.
• Cloud-based provider lacks the technical
  knowledge to secure your environment.
• Using a cloud-based provider will introduce
  additional risks of outages when compared to
  hosting on site.
• By using the cloud-based provider, a new attack
  surface has been introduced.
• Answer D

• QUESTION NO 16
• What five elements make up a 5-tuple when it
  comes to data collection and analysis? (Select
  five)
• Source MAC address
• Destination MAC address
• Source IP address
• Destination IP address
• DSCP value
• Protocol
• Source port
• Destination port
• Answer C, D, F, G, H

QUESTION NO 17 While using SSH to access a that
you use regularly, you now see the following
message
6

• This has not been seen before when accessing this
  server. What is the most likely reason for this?
• ARP cache poisoning
• Man-in-the-middle
• MAC address spoofing
• IP address spoofing
• Answer B

• QUESTION NO 18
• Which of the following are valid fields found in
  an X.509 certificate? (Select three)
• Version
• Serial Number
• Time stamp
• Validity date
• Issuer distinguished name
• Answer A, B, E

• QUESTION NO 19
• Which of the following are the four Attack Vector
  Metrics as defined by the Common Vulnerability
  Scoring System? (Select four)
• Network
• Internet
• Adjacent
• Local
• Logical
• Physical
• Internal
• External
• Answer A, C, D, F

QUESTION NO 20 Which of the following IPS
misidentifications would result in the greatest
risk to an organization? A. False positive
7

• False negative
• True positive
• True negative
• Answer B