
200-201 VOL3-Question

200-201 Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) VOL3



QUESTION NO: 1
Deep packet inspection offers the functionality to inspect data at which of the following OSI layers?
A. Layer 3 and 4
B. Layers 2-5
C. Layers 1-7
D. Layer 2-7
Answer: D

QUESTION NO: 2
Which of the following fields are present in a UDP header? (Select two)
A. Length
B. Sequence number
C. Source Port
D. Window
E. Window
Answer: A, C

QUESTION NO: 3
Which of the following fields can be found in a TCP header that are not included in a UDP header? (Select three)
A. Source Port
B. Destination Port
C. Checksum
D. Sequence number
E. Acknowledgement number
F. Urgent pointer
Answer: D, E, F

QUESTION NO: 4
Which of the following fields can be found in a UDP header that are not included in a TCP header?
A. Length
B. Source port
C. Destination Port
D. Flags
E. Checksum
Answer: A

QUESTION NO: 5
The use of regular expressions is supported by Cisco when used to filter or search through the output of a command. When using regular expressions, what does the $ signify?
A. Start of string
B. End of string
C. 0 or more instances that match
D. 1 or more instances that match
Answer: B

QUESTION NO: 6
Which of the following terms best describes the process of confirming a file that is downloaded from the Internet is not corrupted or modified using a verifiable checksum?
A. Digital signature
B. Certificates
C. Public and Private keys
D. Hashing
Answer: D

QUESTION NO: 7
According to the NIST Special Publication 800-61 document for the Computer Security Incident Handling Guide, what are the four elements of the Incident Response Life Cycle? (Select Four)
A. Pre-Incident Activity
B. Preparation
C. Mitigation
D. Detection and Analysis
E. Containment Eradication and Recovery
F. Post-Incident Activity
G. Isolation
Answer: B, D, E, F

QUESTION NO: 8
According to NIST SP800-61, which component of the security Incident Response Life Cycle includes tasks such as creating a follow up report and holding a lessons learned meeting?
A. Preparation
B. Containment, Eradication, and Recovery
C. Post-Incident Activity
D. Detection and Analysis
E. Recovery
Answer: C

QUESTION NO: 9
Which of the following are considered to be sensitive information according to Personally identifiable information (PII) standards that organizations are legally bound to protect in regards to their customer’s personal data? (Select three)
A. Zip code
B. Driver’s license number
C. Gender
D. Social Security number
E. Address
F. Birthplace
Answer: B, D, E

QUESTION NO: 10
You are following a cybersecurity adversary by studying its methods based on its infrastructure, capabilities, and past victims. Which of the following models does this describe?
A. The Diamond Model of Intrusion model
B. The Cyber Kill Chain model
C. PSI
D. PII
E. PHI
Answer: A

QUESTION NO: 11
You are part of a network security team and you are facing challenges to identify a host (victim or attacker). What tool would you select from the options below to solve this issue in your network?
A. SMTP
B. VPN
C. Stealthwatch
D. Certificates
Answer: C

QUESTION NO: 12
Encryption is considered to be a boon for network communications; however, it poses numerous challenges when it comes to network monitoring. Select all the correct answers from the below options.
A. Certificate is used for encryption and decryption.
B. Attackers may use encryption as a method of evasion and obfuscation.
C. Encryption is not recommended in enterprise networks as it consumes more resources than plain text communication.
D. Pre-shared-Keys are more secure than Encryption.
Answer: A, B

QUESTION NO: 13
Select the Cisco technology from the below options that allows you to detect malicious activities even if the communication is encrypted.
A. Cisco AMP
B. Cognitive Threat Analysis
C. Cisco Anyconnect
D. Cisco ISR Routers
Answer: B

QUESTION NO: 14
Why is NTP important in an Enterprise network? Select the right answer from the below options.
A. It helps in resolving the DNS queries.
B. Multiple NTP servers are configured in the network to individually assign an NTP server for each networking device.
C. All network devices have their own clocks hence NTP servers are not needed.
D. It keeps the date and time synchronized among network & security devices.
Answer: D

QUESTION NO: 15
As a network security administrator, you are facing issues with the IP Fragmentation attacks. Select various IP fragmentation attacks from the below options. (Choose two)
A. TCP Handshake
B. UDP flooding
C. TCP fragmentation DDoS
D. Host Escalation
Answer: B, C

QUESTION NO: 16
As a Network Security administrator, you come across an IP Fragmentation attack. Select the best solution from the below options to mitigate the attack.
A. Block all non-initial fragments
B. Use rate-limiting
C. Disconnect the device to avoid the attack
D. Whitelist specific servers and use rate limiting for rest
Answer: D

QUESTION NO: 17
As a Network Security Administrator, you came to know of a known vulnerability in Cisco IOS that may be affecting multiple network devices in your network. Which database will you check to capture more information about the vulnerability?
A. FIRST
B. NVD
C. CVE
D. VULDB
Answer: B

QUESTION NO: 18
You are deploying Cisco Email Security in a client's environment. Select the correct OS that is run on the Email Security Appliances.
A. IOS
B. IOS-XE
C. AsyncOS
D. NX-OS
Answer: C

QUESTION NO: 19
Select the correct statement from the below options regarding traditional Information Security & Cybersecurity.
A. Traditional Information security is focused on securing applications whereas Cybersecurity focuses on Confidentiality, Integrity & Availability of data.
B. Traditional Information security is focused on Confidentiality, Integrity & Availability of data whereas Cybersecurity focuses on preventing, detecting and responding to attacks.
C. Traditional Information security is considered more secure while handling ongoing threats.
D. Traditional Security concepts are preferred by enterprise customers over Cybersecurity.
Answer: B

QUESTION NO: 20
DRAG & DROP
Match the certifications to their respective objectives:
Answer:

© Copyright Prep Solutions Limited, All rights reserved
