200-201 Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) VOL2
QUESTION NO: 1
Which of the following are generally categorized as the two main types of exploits regarding cybersecurity? (Select two)
A. Worm
B. Virus
C. Known
D. Malware
E. Unknown
Answer: C, E

QUESTION NO: 2
You want to implement a security solution that will analyze aggregated data, pull threat data from external feeds, and automate the remediation of security events. Which solution does this best describe?
A. SIEM
B. SOAR
C. Syslog
D. SNMP
Answer: B

QUESTION NO: 3
Which of the following are evasion techniques used by threat actors to avoid detection from IPS and IDS systems? (Select three)
A. IP address spoofing
B. Encryption
C. Stenography
D. Pivoting
E. Fragmentation
Answer: A, B, E

QUESTION NO: 4
Which of the following tools could be used to defend against pivot attacks? (Select two)
A. Access Control Lists
B. IPSec encryption
C. Network Segmentation using firewalls
D. The use of a Certificate Authority (CA)
Answer: A, C

QUESTION NO: 5
Which of the following describes a timing-based attack?
A. Performing an attack after hours or on weekends.
B. Performing an attack at a specific time of day.
C. Sending malicious code to a host while it is at its busiest point in the day.
D. Sending the malicious traffic at a slow pace in an attempt to circumvent IPS signature matching.
Answer: D

QUESTION NO: 6
Which of the following would be the biggest challenge for Intrusion Prevention Systems (IPS) to be able to identify malicious traffic?
A. Oversized (Jumbo) packets
B. Undersized (runt) packets
C. Encryption
D. High bandwidth utilization
Answer: C

QUESTION NO: 7
Which of the following statements are true regarding the Secure Shell (SSH) Protocol? (Select three)
A. It uses symmetric encryption
B. It uses asymmetric encryption
C. It uses TCP port 20 and 21
D. It uses TCP port 22
E. It is less secure than telnet
F. It is more secure than telnet
Answer: A, D, F

QUESTION NO: 8
Which of the following terms is used when a firewall is configured to hide the internal IPs from the public internet by translating the source IP addresses to a different IP address?
A. IP address masking
B. NAT
C. VPN
D. Access Control List (ACL)
Answer: B

QUESTION NO: 9
Which of the following statements regarding Tor are correct? (Select two)
A. Tor makes security monitoring easier
B. Tor routes IP packets through a network of relays
C. Tor consistently routes traffic through the same path for optimal routing
D. Tor can be used by malware to hide its true source
Answer: B, D

QUESTION NO: 10
Which of the following Common Vulnerability Scoring System (CVSS) scores translate to a rating of low?
A. 1.0
B. 5.0
C. 8.0
D. 9.0
Answer: A

QUESTION NO: 11
What does the acronym TOR stand for when used with the study of Internet routing?
A. The Onion Routing
B. The Only Router
C. Targeted Object Risk
D. Threat Oriented Response
Answer: A

QUESTION NO: 12
In an effort to mitigate man-in-the-middle attacks, you want to implement better security on your corporate website. Which of the following would you implement on this web server to accomplish this?
A. HTTPS
B. DNS Security
C. HTTP
D. SMTP
Answer: A

QUESTION NO: 13
You need to communicate to corporate management the severity levels of your organization's cybersecurity vulnerabilities. Which of the following would be BEST to convey this information?
A. CVSS
B. Firewall and IPS logs
C. Netflow data
D. CVE
Answer: A

QUESTION NO: 14
Which of the following Common Vulnerability Scoring System (CVSS) scores translate to a rating of high?
A. 1.0
B. 5.0
C. 8.0
D. 90.0
Answer: C

QUESTION NO: 15
Your company has decided to host its web and application servers with a cloud-based provider. From a security standpoint, what is the greatest concern you should have with this decision?
A. Exposure of your company data to other clients of the cloud-based provider.
B. Cloud-based provider lacks the technical knowledge to secure your environment.
C. Using a cloud-based provider will introduce additional risks of outages when compared to hosting on site.
D. By using the cloud-based provider, a new attack surface has been introduced.
Answer: D

QUESTION NO: 16
What five elements make up a 5-tuple when it comes to data collection and analysis? (Select five)
A. Source MAC address
B. Destination MAC address
C. Source IP address
D. Destination IP address
E. DSCP value
F. Protocol
G. Source port
H. Destination port
Answer: C, D, F, G, H

QUESTION NO: 17
While using SSH to access a server that you use regularly, you now see the following message:
This has not been seen before when accessing this server. What is the most likely reason for this?
A. ARP cache poisoning
B. Man-in-the-middle
C. MAC address spoofing
D. IP address spoofing
Answer: B

QUESTION NO: 18
Which of the following are valid fields found in an X.509 certificate? (Select three)
A. Version
B. Serial Number
C. Time stamp
D. Validity date
E. Issuer distinguished name
Answer: A, B, E

QUESTION NO: 19
Which of the following are the four Attack Vector Metrics as defined by the Common Vulnerability Scoring System? (Select four)
A. Network
B. Internet
C. Adjacent
D. Local
E. Logical
F. Physical
G. Internal
H. External
Answer: A, C, D, F

QUESTION NO: 20
Which of the following IPS misidentifications would result in the greatest risk to an organization?
A. False positive
B. False negative
C. True positive
D. True negative
Answer: B

© Copyright Prep Solutions Limited, All rights reserved