Which NIST IR category stakeholder is responsible for coordinating incident response among various business units, minimizing damage, and reporting to regulatory agencies?
Answer(s): D
Which incident response step includes identifying all hosts affected by an attack?
3.3.3 Identifying the Attacking Hosts
During incident handling, system owners and others sometimes want to or need to identify the attacking host or hosts. Although this information can be important, incident handlers should generally stay focused on containment, eradication, and recovery.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf
The response phase, or containment, of incident response, is the point at which the incident response team begins interacting with affected systems and attempts to keep further damage from occurring as a result of the incident.
Which two elements are used for profiling a network? (Choose two.)
Answer(s): A,B
A network profile should include some important elements, such as the following:
- Total throughput: the amount of data passing from a given source to a given destination in a given period of time.
- Session duration: the time between the establishment of a data flow and its termination.
- Ports used: a list of TCP or UDP processes that are available to accept data.
- Critical asset address space: the IP addresses or the logical location of essential systems or data.
Profiling data are data that the system has gathered; these data help with incident response and with detecting incidents.
Network profiling = throughput, session duration, ports used, critical asset address space
Host profiling = listening ports, logged-in accounts, running processes, running tasks, applications
Which category relates to improper use or disclosure of PII data?
Answer(s): C
Post your Comments and Discuss Cisco® 200-201 exam with other Community members:
AEB commented on December 11, 2024 (UNITED STATES): The breadth of knowledge for this exam is large. It doesn't seem possible to learn everything on it for an associate level exam.
Bio commented on September 05, 2023 (GERMANY): 200-201 CBROPS 092023 - Exam still 75% to 80% valid. Suggest to those who want to pass to study this, along with netacads, and review quizlets to ensure you pass.
AB commented on August 21, 2023 (UNITED STATES): 200-201 is still good. Passed Aug 14.