
[10-Mar-2021] New 2020 CyberOps 200-201 CBROPS Dumps with VCE and PDF from PassLeader (Update Questions)

New 2020 CyberOps 200-201 CBROPS exam questions from PassLeader 200-201 dumps! Welcome to download the newest PassLeader 200-201 VCE and PDF dumps: https://www.passleader.com/200-201.html (143 Q&As –> 171 Q&As –> 200 Q&As)

P.S. Free 2020 CyberOps 200-201 CBROPS dumps are available on Google Drive shared by PassLeader: https://drive.google.com/drive/folders/1aj2ghGnPncHmi8GRgirxCZe31EXkG8nR

NEW QUESTION 121
A network engineer discovers that a foreign government hacked one of the defense contractors in their home country and stole intellectual property. What is the threat agent in this situation?

A.    the intellectual property that was stolen
B.    the defense contractor who stored the intellectual property
C.    the method used to conduct the attack
D.    the foreign government that conducted the attack

Answer: D

NEW QUESTION 122
What is the practice of giving an employee access to only the resources needed to accomplish their job?

A.    principle of least privilege
B.    organizational separation
C.    separation of duties
D.    need to know principle

Answer: A

NEW QUESTION 123
Which metric is used to capture the level of access needed to launch a successful attack?

A.    privileges required
B.    user interaction
C.    attack complexity
D.    attack vector

Answer: A

NEW QUESTION 124
What is the difference between an attack vector and attack surface?

A.    An attack surface identifies vulnerabilities that require user input or validation; and an attack vector identifies vulnerabilities that are independent of user actions.
B.    An attack vector identifies components that can be exploited; and an attack surface identifies the potential path an attack can take to penetrate the network.
C.    An attack surface recognizes which network parts are vulnerable to an attack; and an attack vector identifies which attacks are possible with these vulnerabilities.
D.    An attack vector identifies the potential outcomes of an attack; and an attack surface launches an attack using several methods against the identified vulnerabilities.

Answer: C

NEW QUESTION 125
Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?

A.    scope
B.    confidentiality
C.    availability
D.    integrity

Answer: D

NEW QUESTION 126
A security specialist notices 100 HTTP GET and POST requests for multiple pages on the web servers. The agent in the requests contains PHP code that, if executed, creates and writes to a new PHP file on the webserver. Which event category is described?

A.    reconnaissance
B.    installation
C.    action on objectives
D.    exploitation

Answer: B

NEW QUESTION 127
What specific type of analysis is assigning values to the scenario to see expected outcomes?

A.    deterministic
B.    exploratory
C.    probabilistic
D.    descriptive

Answer: A

NEW QUESTION 128
When trying to evade IDS/IPS devices, which mechanism allows the user to make the data incomprehensible without a specific key, certificate, or password?

A.    fragmentation
B.    pivoting
C.    encryption
D.    stenography

Answer: D

NEW QUESTION 129
Why is encryption challenging to security monitoring?

A.    Encryption analysis is used by attackers to monitor VPN tunnels.
B.    Encryption is used by threat actors as a method of evasion and obfuscation.
C.    Encryption introduces additional processing requirements by the CPU.
D.    Encryption introduces larger packet sizes to analyze and store.

Answer: B

NEW QUESTION 130
What is an example of a social engineering attack?

A.    Receiving an unexpected email from an unknown person with an uncharacteristic attachment from someone in the same company.
B.    Receiving an email from human resources requesting a visit to their secure website to update contact information.
C.    Sending a verbal request to an administrator who knows how to change an account password.
D.    Receiving an invitation to the department’s weekly WebEx meeting.

Answer: B

NEW QUESTION 131
Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?

A.    syslog messages
B.    full packet capture
C.    NetFlow
D.    firewall event logs

Answer: C

NEW QUESTION 132
Which action prevents buffer overflow attacks?

A.    variable randomization
B.    using web based applications
C.    input sanitization
D.    using a Linux operating system

Answer: C

NEW QUESTION 133
Which type of attack occurs when an attacker is successful in eavesdropping on a conversation between two IP phones?

A.    known-plaintext
B.    replay
C.    dictionary
D.    man-in-the-middle

Answer: D

NEW QUESTION 134
What are two characteristics of full packet captures? (Choose two.)

A.    Identifying network loops and collision domains.
B.    Troubleshooting the cause of security and performance issues.
C.    Reassembling fragmented traffic from raw data.
D.    Detecting common hardware faults and identifying faulty assets.
E.    Providing a historical record of a network transaction.

Answer: CE

NEW QUESTION 135
A security expert is working on a copy of the evidence, an ISO file that is saved in CDFS format. Which type of evidence is this file?

A.    CD data copy prepared in Windows.
B.    CD data copy prepared in a Mac-based system.
C.    CD data copy prepared in a Linux system.
D.    CD data copy prepared in an Android-based system.

Answer: C

NEW QUESTION 136
Which incident response step includes identifying all hosts affected by an attack?

A.    detection and analysis
B.    post-incident activity
C.    preparation
D.    containment, eradication, and recovery

Answer: D

NEW QUESTION 137
Which event artifact is used to identify HTTP GET requests for a specific file?

A.    destination IP address
B.    URI
C.    HTTP status code
D.    TCP ACK

Answer: B

NEW QUESTION 138
An analyst received an alert on their desktop computer showing that an attack was successful on the host. After investigating, the analyst discovered that no mitigation action occurred during the attack. What is the reason for this discrepancy?

A.    The computer has a HIPS installed on it.
B.    The computer has a NIPS installed on it.
C.    The computer has a HIDS installed on it.
D.    The computer has a NIDS installed on it.

Answer: C

NEW QUESTION 139
What does cyber attribution identify in an investigation?

A.    exploit of an attack
B.    threat actors of an attack
C.    vulnerabilities exploited
D.    cause of an attack

Answer: B

NEW QUESTION 140
Which system monitors local system operation and local network access for violations of a security policy?

A.    host-based intrusion detection
B.    systems-based sandboxing
C.    host-based firewall
D.    antivirus

Answer: C

NEW QUESTION 141
……

