Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 200-201

Free 200-201 Exam Braindumps (page: 21)

Page 20 of 66
PDF with 436 Questions

What are two denial of service attacks? (Choose two.)

  1. MITM
  2. TCP connections
  3. ping of death
  4. UDP flooding
  5. code red

Answer(s): C,D



An engineer needs to discover alive hosts within the 192.168.1.0/24 range without triggering intrusive portscan alerts on the IDS device using Nmap.
Which command will accomplish this goal?

  1. nmap --top-ports 192.168.1.0/24
  2. nmap ­sP 192.168.1.0/24
  3. nmap -sL 192.168.1.0/24
  4. nmap -sV 192.168.1.0/24

Answer(s): B


Reference:

https://explainshell.com/explain?cmd=nmap+-sP



An analyst is investigating a host in the network that appears to be communicating to a command and control server on the Internet. After collecting this packet capture, the analyst cannot determine the technique and payload used for the communication.



Which obfuscation technique is the attacker using?

  1. Base64 encoding
  2. TLS encryption
  3. SHA-256 hashing
  4. ROT13 encryption

Answer(s): B

Explanation:

ROT13 is considered weak encryption and is not used with TLS (HTTPS:443).


Reference:

https://en.wikipedia.org/wiki/ROT13



What are two differences in how tampered and untampered disk images affect a security incident? (Choose two.)

  1. Untampered images are used in the security investigation process
  2. Tampered images are used in the security investigation process
  3. The image is tampered if the stored hash and the computed hash match
  4. Tampered images are used in the incident recovery process
  5. The image is untampered if the stored hash and the computed hash match

Answer(s): A,E

Explanation:

Cert Guide by Omar Santos, Chapter 9 - Introduction to digital Forensics. "When you collect evidence, you must protect its integrity. This involves making sure that nothing is added to the evidence and that nothing is deleted or destroyed (this is known as evidence preservation)."






Post your Comments and Discuss Cisco® 200-201 exam with other Community members:

Exam Discussions & Posts