Cisco 200-201 Exam

Question 91
Refer to the exhibit. Which event is occurring?
[Exhibit: 200-201_91Q.png]
A. A binary named "submit" is running on VM cuckoo1.
B. A binary is being submitted to run on VM cuckoo1
C. A binary on VM cuckoo1 is being submitted for evaluation
D. A URL is being evaluated to see if it has a malicious binary

Question 92
Refer to the exhibit. In which Linux log file is this output found?
[Exhibit: 200-201_92Q.png]
A. /var/log/authorization.log
B. /var/log/dmesg
C. var/log/var.log
D. /var/log/auth.log

Question 93
An engineer runs a suspicious file in a sandbox analysis tool to see the outcome. The analysis report shows that outbound callouts were made post infection. Which two pieces of information from the analysis report are needed to investigate the callouts? (Choose two.)
A. signatures
B. host IP addresses
C. file size
D. dropped files
E. domain names

Question 94
An analyst is exploring the functionality of different operating systems. What is a feature of Windows Management Instrumentation that must be considered when deciding on an operating system?
A. queries Linux devices that have Microsoft Services for Linux installed
B. deploys Windows Operating Systems in an automated fashion
C. is an efficient tool for working with Active Directory
D. has a Common Information Model, which describes installed hardware and software

Question 95
What causes events on a Windows system to show Event Code 4625 in the log messages?
A. The system detected an XSS attack
B. Someone is trying a brute force attack on the network
C. Another device is gaining root access to the system
D. A privileged user successfully logged into the system

Question 96
Refer to the exhibit. What does the message indicate?
[Exhibit: 200-201_96Q.png]
A. an access attempt was made from the Mosaic web browser
B. a successful access attempt was made to retrieve the password file
C. a successful access attempt was made to retrieve the root of the website
D. a denied access attempt was made to retrieve the password file

Question 97
Refer to the exhibit. This request was sent to a web application server driven by a database.
[Exhibit: 200-201_97Q.png]
Which type of web server attack is represented?
A. parameter manipulation
B. heap memory corruption
C. command injection
D. blind SQL injection

Question 98
A SOC analyst is investigating an incident that involves a Linux system that is identifying specific sessions. Which identifier tracks an active program?
A. application identification number
B. active process identification number
C. runtime identification number
D. process identification number

Question 99
An offline audit log contains the source IP address of a session suspected to have exploited a vulnerability resulting in system compromise. Which kind of evidence is this IP address?
A. best evidence
B. corroborative evidence
C. indirect evidence
D. forensic evidence

Question 100
Which system monitors local system operation and local network access for violations of a security policy?
A. host-based intrusion detection
B. systems-based sandboxing
C. host-based firewall
D. antivirus
