

Cisco 200-201 Exam

Viewing Questions 211-220 out of 231 Questions

Question 211
A security analyst notices a sudden surge of incoming traffic and detects unknown packets from unknown senders. After further investigation, the analyst learns that customers claim that they cannot access company servers. According to NIST SP800-61, in which phase of the incident response process is the analyst?




Question 212
An analyst is using the SIEM platform and must extract a custom property from a Cisco device and capture the phrase, `File: Clean.` Which regex must the analyst import?




Question 213
What is an advantage of symmetric over asymmetric encryption?




Question 214
Refer to the exhibit. During the analysis of a suspicious scanning activity incident, an analyst discovered multiple local TCP connection events. Which technology provided these logs?
Image 200-201_214Q.png related to the Cisco 200-201 Exam




Question 215
An organization is cooperating with several third-party companies. Data exchange is on an unsecured channel using port 80. Internal employees use the FTP service to upload and download sensitive data. An engineer must ensure confidentiality while preserving the integrity of the communication. Which technology must the engineer implement in this scenario?




Question 216
Refer to the exhibit. A security analyst is investigating unusual activity from an unknown IP address. Which type of evidence is this file?
Image 200-201_216Q.png related to the Cisco 200-201 Exam




Question 217
Refer to the exhibit. An engineer received an event log file to review. Which technology generated the log?
Image 200-201_217Q.png related to the Cisco 200-201 Exam




Question 218
Refer to the exhibit. A workstation downloads a malicious .docx file from the Internet and a copy is sent to FTDv. The FTDv sends the file hash to FMC and the file event is recorded. What would have occurred with stronger data visibility?
Image 200-201_218Q.png related to the Cisco 200-201 Exam




Question 219
Refer to the exhibit. Which frame numbers contain a file that is extractable via TCP stream within Wireshark?
Image 200-201_219Q.png related to the Cisco 200-201 Exam




Question 220
Refer to the exhibit. What is occurring?
Image 200-201_220Q.jpg related to the Cisco 200-201 Exam





