Free 200-201 Exam Braindumps (page: 30)

Page 30 of 66

Which HTTP header field is used in forensics to identify the type of browser used?

  A. referrer
  B. host
  C. user-agent
  D. accept-language

Answer(s): C

Explanation:

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/12.0

In computing, a user agent is any software, acting on behalf of a user, which "retrieves, renders and facilitates end-user interaction with Web content". A user agent is therefore a special kind of software agent.
https://en.wikipedia.org/wiki/User_agent#User_agent_identification

A user agent is a computer program representing a person, for example, a browser in a Web context.
https://developer.mozilla.org/en-US/docs/Glossary/User_agent



Which event artifact is used to identify HTTP GET requests for a specific file?

  A. destination IP address
  B. TCP ACK
  C. HTTP status code
  D. URI

Answer(s): D



What should a security analyst consider when comparing inline traffic interrogation with traffic tapping to determine which approach to use in the network?

  A. Tapping interrogation replicates signals to a separate port for analyzing traffic
  B. Tapping interrogations detect and block malicious traffic
  C. Inline interrogation enables viewing a copy of traffic to ensure traffic is in compliance with security policies
  D. Inline interrogation detects malicious traffic but does not block the traffic

Answer(s): A

Explanation:

A network TAP is a simple device that connects directly to the cabling infrastructure to split or copy packets for use in analysis, security, or general network management.



At which layer is deep packet inspection investigated on a firewall?

  A. internet
  B. transport
  C. application
  D. data link

Answer(s): C

Explanation:

Deep packet inspection is a form of packet filtering usually carried out as a function of your firewall. It is applied at the Open Systems Interconnection's application layer. Deep packet inspection evaluates the contents of a packet that is going through a checkpoint.





Post your Comments and Discuss Cisco® 200-201 exam with other Community members:

AEB commented on December 11, 2024
The breadth of knowledge for this exam is large. It doesn't seem possible to learn everything on it for an associate level exam.
UNITED STATES

Bio commented on September 05, 2023
200-201 CBROPS 092023 - Exam still 75% to 80% valid. Suggest to those who want to pass to study this, along with netacads, and review quizlets to ensure you pass.
GERMANY

AB commented on August 21, 2023
200-201 is still good. Passed Aug 14.
UNITED STATES