CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 200-201

Free 200-201 Exam Braindumps (page: 31)

Page 30 of 66
PDF with 435 Questions

Which HTTP header field is used in forensics to identify the type of browser used?

  1. referrer
  2. host
  3. user-agent
  4. accept-language

Answer(s): C

Explanation:

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/12.0 In computing, a user agent is any software, acting on behalf of a user, which "retrieves, renders and facilitates end- user interaction with Web content".[1] A user agent is therefore a special kind of software agent. https://en.wikipedia.org/wiki/User_agent#User_agent_identification A user agent is a computer program representing a person, for example, a browser in a Web context. https://developer.mozilla.org/en-US/docs/Glossary/User_agent



Which event artifact is used to identify HTTP GET requests for a specific file?

  1. destination IP address
  2. TCP ACK
  3. HTTP status code
  4. URI

Answer(s): D



What should a security analyst consider when comparing inline traffic interrogation with traffic tapping to determine which approach to use in the network?

  1. Tapping interrogation replicates signals to a separate port for analyzing traffic
  2. Tapping interrogations detect and block malicious traffic
  3. Inline interrogation enables viewing a copy of traffic to ensure traffic is in compliance with security policies
  4. Inline interrogation detects malicious traffic but does not block the traffic

Answer(s): A

Explanation:

A network TAP is a simple device that connects directly to the cabling infrastructure to split or copy packets for use in analysis, security, or general network management



At which layer is deep packet inspection investigated on a firewall?

  1. internet
  2. transport
  3. application
  4. data link

Answer(s): C

Explanation:

Deep packet inspection is a form of packet filtering usually carried out as a function of your firewall. It is applied at the Open Systems Interconnection's application layer. Deep packet inspection evaluates the contents of a packet that is going through a checkpoint.






Post your Comments and Discuss Cisco® 200-201 exam with other Community members:

200-201 Discussions & Posts