New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Pass Using 200-201 Exam Dumps

Page: 11 / 24
Question 44

A security engineer has a video of a suspect entering a data center that was captured on the same day that files in the same data center were transferred to a competitor.

Which type of evidence is this?

Options:

A.

best evidence

B.

prima facie evidence

C.

indirect evidence

D.

physical evidence

Question 45

Which two elements of the incident response process are stated in NIST SP 800-61 r2? (Choose two.)

Options:

A.

detection and analysis

B.

post-incident activity

C.

vulnerability scoring

D.

vulnerability management

E.

risk assessment

Question 46

A user received an email attachment named "Hr405-report2609-empl094.exe" but did not run it. Which category of the cyber kill chain should be assigned to this type of event?

Options:

A.

installation

B.

reconnaissance

C.

weaponization

D.

delivery

Question 47

An engineer is working on a ticket for an incident from the incident management team A week ago. an external web application was targeted by a DDoS attack Server resources were exhausted and after two hours it crashed. An engineer was able to identify the attacker and technique used Three hours after the attack, the server was restored and the engineer recommended implementing mitigation by Blackhole filtering and transferred the incident ticket back to the IR team According to NIST SP800-61, at which phase of the incident response did the engineer finish work?

Options:

A.

preparation

B.

post-incident activity

C.

containment eradication and recovery

D.

detection and analysis

Page: 11 / 24
Exam Code: 200-201
Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
Last Update: Dec 23, 2024
Questions: 331
200-201 pdf

200-201 PDF

$28.5  $94.99
200-201 Engine

200-201 Testing Engine

$33  $109.99
200-201 PDF + Engine

200-201 PDF + Testing Engine

$43.5  $144.99