CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 200-201

Free 200-201 Exam Braindumps (page: 7)

Page 6 of 66
PDF with 435 Questions

What is the difference between statistical detection and rule-based detection models?

  1. Rule-based detection involves the collection of data in relation to the behavior of legitimate users over a period of time
  2. Statistical detection defines legitimate data of users over a period of time and rule-based detection defines it on an IF/THEN basis
  3. Statistical detection involves the evaluation of an object on its intended actions before it executes that behavior
  4. Rule-based detection defines legitimate data of users over a period of time and statistical detection defines it on an IF/THEN basis

Answer(s): B



What is the difference between a threat and a risk?

  1. Threat represents a potential danger that could take advantage of a weakness in a system
  2. Risk represents the known and identified loss or danger in the system
  3. Risk represents the nonintentional interaction with uncertainty in the system
  4. Threat represents a state of being exposed to an attack or a compromise, either physically or logically.

Answer(s): A

Explanation:

A threat is any potential danger to an asset. If a vulnerability exists but has not yet been exploited-- or, more importantly, it is not yet publicly known--the threat is latent and not yet realized.



Which attack method intercepts traffic on a switched network?

  1. denial of service
  2. ARP cache poisoning
  3. DHCP snooping
  4. command and control

Answer(s): B

Explanation:

An ARP-based MITM attack is achieved when an attacker poisons the ARP cache of two devices with the MAC address of the attacker's network interface card (NIC). Once the ARP caches have been successfully poisoned, each victim device sends all its packets to the attacker when communicating to the other device and puts the attacker in the middle of the communications path between the two victim devices. It allows an attacker to easily monitor all communication between victim devices. The intent is to intercept and view the information being passed between the two victim devices and potentially introduce sessions and traffic between the two victim devices



What does an attacker use to determine which network ports are listening on a potential target device?

  1. man-in-the-middle
  2. port scanning
  3. SQL injection
  4. ping sweep

Answer(s): B






Post your Comments and Discuss Cisco® 200-201 exam with other Community members:

200-201 Discussions & Posts