Free Cisco 200-201 Practice Exam with Questions & Answers | Set: 5

Questions 41

What is a difference between a threat and a vulnerability?

Options:
A. A vulnerability is a risk of unauthorized actions from a threat actor, and a threat is the actions that malicious actors perform for privilege escalation.

B. A threat is what an engineer is trying to protect an asset against, and a vulnerability is a weakness in an asset that an engineer is trying to mitigate.

C. A vulnerability is an asset without hardened protection, and a threat is a weakness that is open to attackers due to misconfiguration.

D. A threat is a weakness in an asset that an engineer is trying to mitigate, and a vulnerability is an existing risk of possible damage or loss of data.

Questions 42

What is the difference between the ACK flag and the RST flag?

Options:
A. The ACK flag validates the receipt of the previous packet in the stream, and the same session is being closed by the RST flag.

B. The ACK flag validates the next packets to be sent to a destination, and the RST flag is what the RST returns to indicate that the destination is reachable.

C. The RST flag identifies the connection as reliable and trustworthy within the handshake process, and the ACK flag prepares a response by opening a session between the source and destination.

D. The RST flag establishes the communication, and the ACK flag cancels spontaneous connections that were not specifically sent to the expecting host.

Questions 43

What is the difference between mandatory access control (MAC) and discretionary access control (DAC)?

Options:
A. MAC is controlled by the discretion of the owner and DAC is controlled by an administrator

B. MAC is the strictest of all levels of control and DAC is object-based access

C. DAC is controlled by the operating system and MAC is controlled by an administrator

D. DAC is the strictest of all levels of control and MAC is object-based access

Questions 44

A company had a recent breach and lost confidential data to a competitor. An internal investigation found out that a new junior accounting specialist logged in to the accounting server with their user ID and stole confidential data. The junior accounting specialist denies the action and claims that the attempt was done by someone else. During court proceedings, the company presents logs and CCTV camera recordings that show the malicious insider in action. Which type of evidence has the company presented?

Options:
A. indirect and corroborative

B. direct and corroborative

C. circumstantial and direct

D. corroborative and substantive

Questions 45

A security consultant must change the identity access management model for their organization. The new approach will put responsibility on the owner, who will decide which users will have access to which resources. Which low-cost model must be used for this purpose?

Options:
A. mandatory access control, due to automate scaling

B. discretionary access control due to easy maintenance

C. discretionary access control, due to high security

D. mandatory access control, due to low granularity

Questions 46

What causes events on a Windows system to show Event Code 4625 in the log messages?

Options:
A. The system detected an XSS attack

B. Someone is trying a brute force attack on the network

C. Another device is gaining root access to the system

D. A privileged user successfully logged into the system

Questions 47

Refer to the exhibit.

200-201 Question 47

What does this output indicate?

Options:
A. HTTPS ports are open on the server.

B. SMB ports are closed on the server.

C. FTP ports are open on the server.

D. Email ports are closed on the server.

Questions 48

An employee reports that someone has logged into their system and made unapproved changes, files are out of order, and several documents have been placed in the recycle bin. The security specialist reviewed the system logs, found nothing suspicious, and was not able to determine what occurred. The software is up to date; there are no alerts from antivirus and no failed login attempts. What is causing the lack of data visibility needed to detect the attack?

Options:
A. The threat actor used a dictionary-based password attack to obtain credentials.

B. The threat actor gained access to the system by known credentials.

C. The threat actor used the teardrop technique to confuse and crash login services.

D. The threat actor used an unknown vulnerability of the operating system that went undetected.

Questions 49

An analyst discovers that a legitimate security alert has been dismissed. Which signature caused this impact on network traffic?

Options:
A. true negative

B. false negative

C. false positive

D. true positive

Questions 50

Refer to the exhibit.

200-201 Question 50

What is occurring?

Options:
A. Identifying possible malware communications and botnet activity

B. Monitoring of encrypted and unencrypted web sessions for diagnostics.

C. Analysis of traffic flows during network capacity testing

D. Review of session logs for performance optimization in a distributed application environment