New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CyberOps Associate 200-201 Reddit Questions

Page: 10 / 24
Question 40

A company is using several network applications that require high availability and responsiveness, such that milliseconds of latency on network traffic is not acceptable. An engineer needs to analyze the network and identify ways to improve traffic movement to minimize delays. Which information must the engineer obtain for this analysis?

Options:

A.

total throughput on the interface of the router and NetFlow records

B.

output of routing protocol authentication failures and ports used

C.

running processes on the applications and their total network usage

D.

deep packet captures of each application flow and duration

Question 41

An offline audit log contains the source IP address of a session suspected to have exploited a vulnerability resulting in system compromise.

Which kind of evidence is this IP address?

Options:

A.

best evidence

B.

corroborative evidence

C.

indirect evidence

D.

forensic evidence

Question 42

Which filter allows an engineer to filter traffic in Wireshark to further analyze the PCAP file by only showing the traffic for LAN 10.11.x.x, between workstations and servers without the Internet?

Options:

A.

src=10.11.0.0/16 and dst=10.11.0.0/16

B.

ip.src==10.11.0.0/16 and ip.dst==10.11.0.0/16

C.

ip.src=10.11.0.0/16 and ip.dst=10.11.0.0/16

D.

src==10.11.0.0/16 and dst==10.11.0.0/16

Question 43

What makes HTTPS traffic difficult to monitor?

Options:

A.

SSL interception

B.

packet header size

C.

signature detection time

D.

encryption

Page: 10 / 24
Exam Code: 200-201
Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
Last Update: Dec 23, 2024
Questions: 331
200-201 pdf

200-201 PDF

$28.5  $94.99
200-201 Engine

200-201 Testing Engine

$33  $109.99
200-201 PDF + Engine

200-201 PDF + Testing Engine

$43.5  $144.99