Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Cisco
  5. 200-201

Cisco 200-201 Exam
Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) (Page 8 )

Updated On: 12-Feb-2026
Page 8 of 70
PDF with 451 Questions

A security specialist notices 100 HTTP GET and POST requests for multiple pages on the web servers. The agent in the requests contains PHP code that, if executed, creates and writes to a new PHP file on the webserver.
Which event category is described?

  1. reconnaissance
  2. action on objectives
  3. installation
  4. exploitation

Answer(s): C



What specific type of analysis is assigning values to the scenario to see expected outcomes?

  1. deterministic
  2. exploratory
  3. probabilistic
  4. descriptive

Answer(s): A



When trying to evade IDS/IPS devices, which mechanism allows the user to make the data incomprehensible without a specific key, certificate, or password?

  1. fragmentation
  2. pivoting
  3. encryption
  4. stenography

Answer(s): D



Why is encryption challenging to security monitoring?

  1. Encryption analysis is used by attackers to monitor VPN tunnels.
  2. Encryption is used by threat actors as a method of evasion and obfuscation.
  3. Encryption introduces additional processing requirements by the CPU.
  4. Encryption introduces larger packet sizes to analyze and store.

Answer(s): B



An employee reports that someone has logged into their system and made unapproved changes, files are out of order, and several documents have been placed in the recycle bin. The security specialist reviewed the system logs, found nothing suspicious, and was not able to determine what occurred. The software is up to date; there are no alerts from antivirus and no failed login attempts.
What is causing the lack of data visibility needed to detect the attack?

  1. The threat actor used a dictionary-based password attack to obtain credentials.
  2. The threat actor gained access to the system by known credentials.
  3. The threat actor used the teardrop technique to confuse and crash login services.
  4. The threat actor used an unknown vulnerability of the operating system that went undetected.

Answer(s): B






Post your Comments and Discuss Cisco 200-201 exam prep with other Community members:

Join the 200-201 Discussion