Login
Login

200-201 Exam Questions

Total 181 Questions

Last Updated Exam : 28-Mar-2025

What is rule-based detection when compared to statistical detection?


A.

proof of a user's identity


B.

proof of a user's action


C.

likelihood of user's action


D.

Dfalsification of a user's identity





B.   

proof of a user's action



Which two elements are used for profiling a network? (Choose two.)


A.

session duration


B.

total throughput


C.

running processes


D.

 listening ports


E.

EOS fingerprint





D.   

 listening ports



E.   

EOS fingerprint



Which evasion technique is indicated when an intrusion detection system begins receiving an abnormally high volume of scanning from numerous sources?


A.

resource exhaustion


B.

tunneling


C.

traffic fragmentation


D.

timing attack





A.   

resource exhaustion



E.   

Which attack is the network vulnerable to when a stream cipher like RC4 is used twice with the same key?


A.

forgery attack


B.

plaintext-only attack


C.

ciphertext-only attack


D.

meet-in-the-middle attack





C.   

ciphertext-only attack



What does cyber attribution identify in an investigation?


A.

exploit of an attack


B.

 threat actors of an attack


C.

vulnerabilities exploited


D.

cause of an attack





B.   

 threat actors of an attack



Which two elements of the incident response process are stated in NIST Special
Publication 800-61 r2? (Choose two.)


A.

detection and analysis


B.

post-incident activity


C.

vulnerability management


D.

risk assessment





A.   

detection and analysis



B.   

post-incident activity



Reference: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

A security engineer has a video of a suspect entering a data center that was captured on  the same day that files in the same data center were transferred to a competitor. Which type of evidence is this?


A.

best evidence


B.

prima facie evidence


C.

indirect evidence


D.

physical evidence





C.   

indirect evidence



the same day that files in the same data center were transferred to a competitor.
Which type of evidence is this?


A.

best evidence


B.

prima facie evidence


C.

indirect evidence


D.

physical evidence





C.   

indirect evidence



A security engineer has a video of a suspect entering a data center that was captured on the same day that files in the same data center were transferred to a competitor. Which type of evidence is this?


A.

best evidence


B.

prima facie evidence


C.

indirect evidence


D.

Dphysical evidence





C.   

indirect evidence



Refer to the exhibit.


Which two elements in the table are parts of the 5-tuple? (Choose two.)


A.

A. First Packet


B.

 Initiator User


C.

Ingress Security Zone


D.

Source Port


E.

Initiator IP





D.   

Source Port



E.   

Initiator IP




Cisco 200-201 Exam Details


Exam Code: 200-201
Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
Certification Name: Cisco Certified CyberOps Associate
Certification Provider: Cisco
Exam Questions: 95–105 questions
Exam Time: 120 minutes
Passing Score: Variable : (750-850 / 1000 Approx.)

Copyright © - All Rights Reserved