Win IT Exam with Last Dumps 2024

Cisco 200-201 Exam

Page 13/24
Viewing Questions 121 130 out of 231 Questions

Question 121
Which technology on a host is used to isolate a running application from other application?
A. application allow list
B. application block list
C. host-based firewall
D. sandbox

Question 122
Refer to the exhibit. Which type of attack is being executed?
Image 200-201_122Q.png related to the Cisco 200-201 Exam
A. cross-site request forgery
B. command injection
C. SQL injection
D. cross-site scripting

Question 123
What is a difference between inline traffic interrogation and traffic mirroring?
A. Inline inspection acts on the original traffic data flow
B. Traffic mirroring passes live traffic to a tool for blocking
C. Traffic mirroring inspects live traffic for analysis and mitigation
D. Inline traffic copies packets for analysis and security

Question 124
A system administrator is ensuring that specific registry information is accurate. Which type of configuration information does the HKEY_LOCAL_MACHINE hive contain?
A. file extension associations
B. hardware, software, and security settings for the system
C. currently logged in users, including folders and control panel settings
D. all users on the system, including visual settings

Question 125
Refer to the exhibit. Which packet contains a file that is extractable within Wireshark?
Image 200-201_125Q.png related to the Cisco 200-201 Exam
A. 2317
B. 1986
C. 2318
D. 2542

Question 126
Which regex matches only on all lowercase letters?
A. [a-z]+
B. [^a-z]+
C. a-z+
D. a*z+

Question 127
While viewing packet capture data, an analyst sees that one IP is sending and receiving traffic for multiple devices by modifying the IP header.
Which technology makes this behavior possible?
A. encapsulation
C. tunneling

Question 128
Which action should be taken if the system is overwhelmed with alerts when false positives and false negatives are compared?
A. Modify the settings of the intrusion detection system.
B. Design criteria for reviewing alerts.
C. Redefine signature rules.
D. Adjust the alerts schedule.

Question 129
What is the impact of false positive alerts on business compared to true positive?
A. True positives affect security as no alarm is raised when an attack has taken place, while false positives are alerts raised appropriately to detect and further mitigate them.
B. True-positive alerts are blocked by mistake as potential attacks, while False-positives are actual attacks identified as harmless.
C. False positives alerts are manually ignored signatures to avoid warnings that are already acknowledged, while true positives are warnings that are not yet acknowledged.
D. False-positive alerts are detected by confusion as potential attacks, while true positives are attack attempts identified appropriately.

Question 130
An engineer needs to fetch logs from a proxy server and generate actual events according to the data received. Which technology should the engineer use to accomplish this task?
A. Firepower
B. Email Security Appliance
C. Web Security Appliance
D. Stealthwatch

Premium Version