

Cisco 200-201 Exam

Viewing Questions 161-170 out of 231 Questions

Question 161
An engineer is addressing a connectivity issue between two servers where the remote server is unable to establish a successful session. Initial checks show that the remote server is not receiving a SYN-ACK while establishing a session by sending the first SYN. What is causing this issue?
A. incorrect TCP handshake
B. incorrect UDP handshake
C. incorrect OSI configuration
D. incorrect snaplen configuration

Question 162
Refer to the exhibit. What is shown in this PCAP file?
Image 200-201_162Q.png related to the Cisco 200-201 Exam
A. The User-Agent is Mozilla/5.0.
B. Timestamps are indicated with error.
C. The HTTP GET is encoded.
D. The protocol is TCP.

Question 163
Which regular expression is needed to capture the IP address 192.168.20.232?
A. ^(?:[0-9]{1,3}\.){3}[0-9]{1,3}
B. ^(?:[0-9]{1,3}\.)*
C. ^)?:[0-9]{1,3}\.){1,4}
D. ^([0-9].{3})

Question 164
An engineer received an alert about degraded performance of a critical server. Analysis showed a heavy CPU and memory load. What is the next step the engineer should take to investigate this resource usage?
A. Run "ps -u" to find out who executed additional processes that caused a high load on a server
B. Run "ps -ef" to understand which processes are taking a high amount of resources
C. Run "ps -d" to decrease the priority state of high load processes to avoid resource exhaustion
D. Run "ps -m" to capture the existing state of daemons and map required processes to find the gap

Question 165
Refer to the exhibit. Which component is identifiable in this exhibit?
Image 200-201_165Q.png related to the Cisco 200-201 Exam
A. Windows Registry hive
B. Trusted Root Certificate store on the local machine
C. Windows PowerShell verb
D. local service in the Windows Services Manager


Question 166
An organization has recently adjusted its security stance in response to online threats made by a known hacktivist group.
What is the initial event called in NIST SP 800-61?
A. online assault
B. precursor
C. trigger
D. instigator

Question 167
Which NIST IR category stakeholder is responsible for coordinating incident response among various business units, minimizing damage, and reporting to regulatory agencies?
A. CSIRT
B. PSIRT
C. public affairs
D. management

Question 168
Which incident response step includes identifying all hosts affected by an attack?
A. detection and analysis
B. post-incident activity
C. preparation
D. containment, eradication, and recovery

Question 169
Which two elements are used for profiling a network? (Choose two.)
A. session duration
B. total throughput
C. running processes
D. listening ports
E. OS fingerprint

Question 170
Which category relates to improper use or disclosure of PII data?
A. legal
B. compliance
C. regulated
D. contractual