Cisco 200-201 exam revealed answer (P. 7)

Question 61

An engineer receives a security alert that traffic with a known TOR exit node has occurred on the network.

Image 200-201_61Q.jpg related to the Cisco 200-201 Exam

Image 200-201_61R.jpg related to the Cisco 200-201 Exam

Question 62

What is an example of social engineering attacks?

A. receiving an unexpected email from an unknown person with an attachment from someone in the same company

B. receiving an email from human resources requesting a visit to their secure website to update contact information

C. sending a verbal request to an administrator who knows how to change an account password

D. receiving an invitation to the department's weekly WebEx meeting

Question 63

Refer to the exhibit. What is occurring in this network?

Image 200-201_63Q.png related to the Cisco 200-201 Exam

A. ARP cache poisoning

B. DNS cache poisoning

C. MAC address table overflow

D. MAC flooding attack

Question 64

Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?

A. syslog messages

B. full packet capture

C. NetFlow

D. firewall event logs

Question 65

Which action prevents buffer overflow attacks?

A. variable randomization

B. using web based applications

C. input validation

D. using a Linux operating system

Question 66

Which type of attack occurs when an attacker is successful in eavesdropping on a conversation between two IP phones?

A. known-plaintext

B. replay

C. dictionary

D. man-in-the-middle

Question 67

Refer to the exhibit. What should be interpreted from this packet capture?

Image 200-201_67Q.png related to the Cisco 200-201 Exam

A. 81.179.179.69 is sending a packet from port 80 to port 50272 of IP address 192.168.122.100 using UDP protocol.

B. 192.168.122.100 is sending a packet from port 50272 to port 80 of IP address 81.179.179.69 using TCP protocol.

C. 192.168.122.100 is sending a packet from port 80 to port 50272 of IP address 81.179.179.69 using UDP protocol.

D. 81.179.179.69 is sending a packet from port 50272 to port 80 of IP address 192.168.122.100 using TCP protocol.

Question 68

What are the two characteristics of the full packet captures? (Choose two.)

A. Identifying network loops and collision domains.

B. Troubleshooting the cause of security and performance issues.

C. Reassembling fragmented traffic from raw data.

D. Detecting common hardware faults and identify faulty assets.

E. Providing a historical record of a network transaction.

Question 69

Refer to the exhibit. An engineer is analyzing this Cuckoo Sandbox report for a PDF file that has been downloaded from an email. What is the state of this file?

Image 200-201_69Q.png related to the Cisco 200-201 Exam

A. The file has an embedded executable and was matched by PEiD threat signatures for further analysis.

B. The file has an embedded non-Windows executable but no suspicious features are identified.

C. The file has an embedded Windows 32 executable and the Yara field lists suspicious features for further analysis.

D. The file was matched by PEiD threat signatures but no suspicious features are identified since the signature list is up to date.

Question 70

DRAG DROP - Drag and drop the technology on the left onto the data type the technology provides on the right. Select and Place:

Image 200-201_70Q.jpg related to the Cisco 200-201 Exam

Image 200-201_70R.jpg related to the Cisco 200-201 Exam

Win IT Exam with Last Dumps 2023

Cisco 200-201 Exam

Page 7/24

Viewing Questions 61 70 out of 231 Questions

An engineer receives a security alert that traffic with a known TOR exit node has occurred on the network.

What is an example of social engineering attacks?

A. receiving an unexpected email from an unknown person with an attachment from someone in the same company

B. receiving an email from human resources requesting a visit to their secure website to update contact information

C. sending a verbal request to an administrator who knows how to change an account password

D. receiving an invitation to the department's weekly WebEx meeting

Refer to the exhibit. What is occurring in this network?

A. ARP cache poisoning

B. DNS cache poisoning

C. MAC address table overflow

D. MAC flooding attack

Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?

A. syslog messages

B. full packet capture

C. NetFlow

D. firewall event logs

Which action prevents buffer overflow attacks?

A. variable randomization

B. using web based applications

C. input validation

D. using a Linux operating system

Which type of attack occurs when an attacker is successful in eavesdropping on a conversation between two IP phones?

A. known-plaintext

B. replay

C. dictionary

D. man-in-the-middle

Refer to the exhibit. What should be interpreted from this packet capture?

A. 81.179.179.69 is sending a packet from port 80 to port 50272 of IP address 192.168.122.100 using UDP protocol.

B. 192.168.122.100 is sending a packet from port 50272 to port 80 of IP address 81.179.179.69 using TCP protocol.

C. 192.168.122.100 is sending a packet from port 80 to port 50272 of IP address 81.179.179.69 using UDP protocol.

D. 81.179.179.69 is sending a packet from port 50272 to port 80 of IP address 192.168.122.100 using TCP protocol.

What are the two characteristics of the full packet captures? (Choose two.)

A. Identifying network loops and collision domains.

B. Troubleshooting the cause of security and performance issues.

C. Reassembling fragmented traffic from raw data.

D. Detecting common hardware faults and identify faulty assets.

E. Providing a historical record of a network transaction.

Refer to the exhibit. An engineer is analyzing this Cuckoo Sandbox report for a PDF file that has been downloaded from an email. What is the state of this file?

A. The file has an embedded executable and was matched by PEiD threat signatures for further analysis.

B. The file has an embedded non-Windows executable but no suspicious features are identified.

C. The file has an embedded Windows 32 executable and the Yara field lists suspicious features for further analysis.

D. The file was matched by PEiD threat signatures but no suspicious features are identified since the signature list is up to date.

DRAG DROP - Drag and drop the technology on the left onto the data type the technology provides on the right. Select and Place: