Free Cisco 200-201 Exam Questions

Question 1

An analyst is investigating an incident in a SOC environment. Which method is used to identify a session from a group of logs?

A : quence numbers

B : identifier

C : 5-tuple

D : mestamps

Answer: C

Question 2

Refer to the exhibit.

Which kind of attack method is depicted in this string?

A : cross-site scripting

B : man-in-the-middle

C : SQL injection

D : denial of service

Answer: A

Question 3

Refer to the exhibit.An analyst receives an IDS alert pertaining to a possible data exfiltration attempt. An additional set of logs iscollected from different systems and analyzed. Which type of evidence do the logs provide in relation to theprimary alert from the IDS?

A : corroborative evidence

B : primary evidence

C : circumstantial evidence

D : secondary evidence

Answer: A

Question 4

According to CVSS, what is a description of the attack vector score?

A : It depends on how far away the attacker is located and the vulnerable component.

B : The metric score will be larger when a remote attack is more likely.

C : It depends on how many physical and logical manipulations are possible on a vulnerable component.

D : The metric score will be larger when it is easier to physically touch or manipulate the vulnerable component.

Answer: B

Question 5

Refer to the exhibit.An analyst receives an IDS alert pertaining to a possible data exfiltration attempt. An additional set of logs iscollected from different systems and analyzed. Which type of evidence do the logs provide in relation to theprimary alert from the IDS?

A : corroborative evidence

B : primary evidence

C : circumstantial evidence

D : secondary evidence

Answer: A