200-201 Exam Questions

Total 181 Questions

Last Updated Exam : 16-Dec-2024

Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?


A.

integrity


B.

confidentiality


C.

availability


D.

scope





A.
  

integrity



How is attacking a vulnerability categorized?


A.

action on objectives


B.

delivery


C.

exploitation


D.

insta





C.
  

exploitation



A security specialist notices 100 HTTP GET and POST requests for multiple pages on the web servers. The agent in the requests contains PHP code that, if executed, creates and
writes to a new PHP file on the webserver. Which event category is described?


A.

reconnaissance


B.

action on objectives


C.

installation


D.

exploitation





C.
  

installation



Which type of attack occurs when an attacker is successful in eavesdropping on a
conversation between two
IP phones?


A.

known-plaintext


B.

replay


C.

dictionary


D.

man-in-the-middle





D.
  

man-in-the-middle



What does cyber attribution identity in an investigation?


A.

cause of an attack


B.

exploit of an attack


C.

vulnerabilities exploited


D.

threat actors of an attack





D.
  

threat actors of an attack



What is the difference between the ACK flag and the RST flag in the NetFlow log session?


A.

The RST flag confirms the beginning of the TCP connection, and the ACK flag responds
when the data for the payload is complete


B.

BT


C.

The RST flag confirms the receipt of the prior segment, and the ACK flag allows for the spontaneous termination of a connection


D.

The ACK flag confirms the receipt of the prior segment, and the RST flag allows for the spontaneous termination of a connection





D.
  

The ACK flag confirms the receipt of the prior segment, and the RST flag allows for the spontaneous termination of a connection



You have identified a malicious file in a sandbox analysis tool. Which piece of file
information from the analysis
is needed to search for additional downloads of this file by other hosts?


A.

file name


B.

file hash value


C.

file type


D.

file size





B.
  

file hash value



What is the practice of giving employees only those permissions necessary to perform their specific role within an organization?


A.

least privilege


B.

need to know


C.

integrity validation


D.

due diligence





A.
  

least privilege



An analyst discovers that a legitimate security alert has been dismissed.
Which signature caused this impact on network traffic?


A.

true negative


B.

false negative


C.

false positive


D.

true positive





B.
  

false negative



In a SOC environment, what is a vulnerability management metric?


A.

code signing enforcement


B.

full assets scan


C.

internet exposed devices


D.

single factor authentication





D.
  

single factor authentication




Page 5 out of 19 Pages
Previous