200-201 Online Practice Questions and Answers

Question 4

Which technology on a host is used to isolate a running application from other applications?

A. sandbox

B. application allow list

C. application block list

D. host-based firewall

Browse 406 Q&As
Question 5

What is a difference between tampered and untampered disk images?

A. Tampered images have the same stored and computed hash.

B. Untampered images are deliberately altered to preserve as evidence.

C. Tampered images are used as evidence.

D. Untampered images are used for forensic investigations.

Question 6

At which layer is deep packet inspection investigated on a firewall?

A. internet

B. transport

C. application

D. data link

Question 7

What is an incident response plan?

A. an organizational approach to events that could lead to asset loss or disruption of operations

B. an organizational approach to security management to ensure a service lifecycle and continuous improvements

C. an organizational approach to disaster recovery and timely restoration of operational services

D. an organizational approach to system backup and data archiving aligned to regulations

Question 8

Which event is user interaction?

A. gaining root access

B. executing remote code

C. reading and writing file permission

D. opening a malicious file

Question 9

An engineer needs to fetch logs from a proxy server and generate actual events according to the data received. Which technology should the engineer use to accomplish this task?

A. Firepower

B. Email Security Appliance

C. Web Security Appliance

D. Stealthwatch

Question 10

During which phase of the forensic process is data that is related to a specific event labeled and recorded to preserve its integrity?

A. examination

B. investigation

C. collection

D. reporting

Question 11

Which type of attack uses a botnet to reflect requests off of an NTP server to overwhelm a target?

A. replay

B. distributed denial of service

C. denial of service

D. man-in-the-middle

Exam Code: 200-201
Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
Last Update: Mar 19, 2025
Questions: 406 Q&As