New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Pearson 200-201 New Attempt

Page: 7 / 24
Question 28

An engineer is analyzing a recent breach where confidential documents were altered and stolen by the receptionist. Further analysis shows that the threat actor connected an externa USB device to bypass security restrictions and steal data. The engineer could not find an external USB device Which piece of information must an engineer use for attribution in an investigation?

Options:

A.

list of security restrictions and privileges boundaries bypassed

B.

external USB device

C.

receptionist and the actions performed

D.

stolen data and its criticality assessment

Question 29

A security engineer deploys an enterprise-wide host/endpoint technology for all of the company's corporate PCs. Management requests the engineer to block a selected set of applications on all PCs.

Which technology should be used to accomplish this task?

Options:

A.

application whitelisting/blacklisting

B.

network NGFW

C.

host-based IDS

D.

antivirus/antispyware software

Question 30

What is a difference between SOAR and SIEM?

Options:

A.

SOAR platforms are used for threat and vulnerability management, but SIEM applications are not

B.

SIEM applications are used for threat and vulnerability management, but SOAR platforms are not

C.

SOAR receives information from a single platform and delivers it to a SIEM

D.

SIEM receives information from a single platform and delivers it to a SOAR

Question 31

An engineer is working with the compliance teams to identify the data passing through the network. During analysis, the engineer informs the compliance team that external penmeter data flows contain records, writings, and artwork Internal segregated network flows contain the customer choices by gender, addresses, and product preferences by age. The engineer must identify protected data. Which two types of data must be identified'? (Choose two.)

Options:

A.

SOX

B.

PII

C.

PHI

D.

PCI

E.

copyright

Page: 7 / 24
Exam Code: 200-201
Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
Last Update: Dec 23, 2024
Questions: 331
200-201 pdf

200-201 PDF

$28.5  $94.99
200-201 Engine

200-201 Testing Engine

$33  $109.99
200-201 PDF + Engine

200-201 PDF + Testing Engine

$43.5  $144.99