
Free Cisco 200-201 Practice Exam with Questions & Answers | Set: 7

Questions 61

An organization has recently adjusted its security stance in response to online threats made by a known hacktivist group.

What is the initial event called in the NIST SP800-61?

Options:
A. online assault

B. precursor

C. trigger

D. instigator

Questions 62

Which action should be taken if the system is overwhelmed with alerts when false positives and false negatives are compared?

Options:
A. Modify the settings of the intrusion detection system.

B. Design criteria for reviewing alerts.

C. Redefine signature rules.

D. Adjust the alerts schedule.

Questions 63

Refer to the exhibit.

[Exhibit: 200-201 Question 63]

A company's user HTTP connection to a malicious site was blocked according to configured policy. What is the source technology used for this measure?

Options:
A. network application control

B. firewall

C. IPS

D. web proxy

Questions 64

Which regular expression matches "color" and "colour"?

Options:
A. colo?ur

B. col[0-8]+our

C. colou?r

D. col[0-9]+our

Questions 65

Drag and drop the security concept on the left onto the example of that concept on the right.

[Exhibit: 200-201 Question 65]

Options:
Questions 66

Refer to the exhibit.

[Exhibit: 200-201 Question 66]

Which component is identifiable in this exhibit?

Options:
A. Trusted Root Certificate store on the local machine

B. Windows PowerShell verb

C. Windows Registry hive

D. local service in the Windows Services Manager

Questions 67

An engineer received an alert affecting the degraded performance of a critical server. Analysis showed a heavy CPU and memory load. What is the next step the engineer should take to investigate this resource usage?

Options:
A. Run "ps -ef" to understand which processes are taking a high amount of resources

B. Run "ps -u" to find out who executed additional processes that caused a high load on a server

C. Run "ps -m" to capture the existing state of daemons and map the required processes to find the gap

D. Run "ps -d" to decrease the priority state of high-load processes to avoid resource exhaustion

Questions 68

What is a difference between inline traffic interrogation and traffic mirroring?

Options:
A. Inline inspection acts on the original traffic data flow

B. Traffic mirroring passes live traffic to a tool for blocking

C. Traffic mirroring inspects live traffic for analysis and mitigation

D. Inline traffic copies packets for analysis and security

Questions 69

One of the objectives of information security is to protect the CIA of information and systems. What does CIA mean in this context?

Options:
A. confidentiality, identity, and authorization

B. confidentiality, integrity, and authorization

C. confidentiality, identity, and availability

D. confidentiality, integrity, and availability

Questions 70

Refer to the exhibit.

[Exhibit: 200-201 Question 70]

Which attack is being attempted against a web application?

Options:
A. SQL injection

B. man-in-the-middle

C. command injection

D. denial of service