Cisco 200-201 Practice Exams
Last updated on Apr 12, 2025
- Exam Code: 200-201
- Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
- Certification Provider: Cisco
What is the difference between the ACK flag and the RST flag in the NetFlow log session?
- A . The RST flag confirms the beginning of the TCP connection, and the ACK flag responds when the data for the payload is complete
- B . The ACK flag confirms the beginning of the TCP connection, and the RST flag responds when the data for the payload is complete
- C . The RST flag confirms the receipt of the prior segment, and the ACK flag allows for the spontaneous termination of a connection
- D . The ACK flag confirms the receipt of the prior segment, and the RST flag allows for the spontaneous termination of a connection
Which security principle requires more than one person to perform a critical task?
- A . least privilege
- B . need to know
- C . separation of duties
- D . due diligence
When communicating via TLS, the client initiates the handshake to the server and the server responds back with its certificate for identification.
Which information is available on the server certificate?
- A . server name, trusted subordinate CA, and private key
- B . trusted subordinate CA, public key, and cipher suites
- C . trusted CA name, cipher suites, and private key
- D . server name, trusted CA, and public key
What is the relationship between a vulnerability and a threat?
- A . A threat exploits a vulnerability
- B . A vulnerability is a calculation of the potential loss caused by a threat
- C . A vulnerability exploits a threat
- D . A threat is a calculation of the potential loss caused by a vulnerability
What causes events on a Windows system to show Event Code 4625 in the log messages?
- A . The system detected an XSS attack
- B . Someone is trying a brute force attack on the network
- C . Another device is gaining root access to the system
- D . A privileged user successfully logged into the system
Which evasion technique is a function of ransomware?
- A . extended sleep calls
- B . encryption
- C . resource exhaustion
- D . encoding
Which system monitors local system operation and local network access for violations of a security policy?
- A . host-based intrusion detection
- B . systems-based sandboxing
- C . host-based firewall
- D . antivirus
Which security principle is violated by running all processes as root or administrator?
- A . principle of least privilege
- B . role-based access control
- C . separation of duties
- D . trusted computing base
Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?
- A . decision making
- B . rapid response
- C . data mining
- D . due diligence
Which action prevents buffer overflow attacks?
- A . variable randomization
- B . using web-based applications
- C . input sanitization
- D . using a Linux operating system