Free 200-201 Exam Braindumps (page: 32)

Page 32 of 66

Which regex matches only on all lowercase letters?

  A. [a-z]+
  B. [^a-z]+
  C. a-z+
  D. a*z+

Answer(s): A



While viewing packet capture data, an analyst sees that one IP is sending and receiving traffic for multiple devices by modifying the IP header.

Which technology makes this behavior possible?

  A. encapsulation
  B. TOR
  C. tunneling
  D. NAT

Answer(s): D

Explanation:

Network address translation (NAT) is a method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.



Which action should be taken if the system is overwhelmed with alerts when false positives and false negatives are compared?

  A. Modify the settings of the intrusion detection system.
  B. Design criteria for reviewing alerts.
  C. Redefine signature rules.
  D. Adjust the alerts schedule.

Answer(s): A

Explanation:

Traditional intrusion detection system (IDS) and intrusion prevention system (IPS) devices need to be tuned to avoid false positives and false negatives. Next-generation IPSs do not need the same level of tuning compared to traditional IPSs. Also, you can obtain much deeper reports and functionality, including advanced malware protection and retrospective analysis to see what happened after an attack took place. Ref: Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide



What is the impact of false positive alerts on business compared to true positive?

  A. True positives affect security as no alarm is raised when an attack has taken place, resulting in a potential breach.
  B. True positive alerts are blocked by mistake as potential attacks affecting application availability.
  C. False positives affect security as no alarm is raised when an attack has taken place, resulting in a potential breach.
  D. False positive alerts are blocked by mistake as potential attacks affecting application availability.

Answer(s): C






Post your Comments and Discuss Cisco® 200-201 exam with other Community members:

AEB commented on December 11, 2024
The breadth of knowledge for this exam is large. It doesn't seem possible to learn everything on it for an associate level exam.
UNITED STATES

Bio commented on September 05, 2023
200-201 CBROPS 092023 - Exam still 75% to 80% valid. Suggest to those who want to pass to study this, along with netacads, and review quizlets to ensure you pass.
GERMANY

AB commented on August 21, 2023
200-201 is still good. Passed Aug 14.
UNITED STATES