New 2020 CyberOps 200-201 CBROPS exam questions from PassLeader 200-201 dumps! Welcome to download the newest PassLeader 200-201 VCE and PDF dumps: https://www.passleader.com/200-201.html (113 Q&As –> 143 Q&As –> 171 Q&As –> 200 Q&As –> 235 Q&As –> 261 Q&As –> 287 Q&As –> 365 Q&As –> 424 Q&As)
P.S. Free 2020 CyberOps 200-201 CBROPS dumps are available on Google Drive shared by PassLeader: https://drive.google.com/drive/folders/1aj2ghGnPncHmi8GRgirxCZe31EXkG8nR
NEW QUESTION 1
What is the function of a command and control server?
A. It enumerates open ports on a network device.
B. It drops a secondary payload into malware.
C. It is used to regain control of the network after a compromise.
D. It sends instructions to a compromised system.
Answer: D
NEW QUESTION 2
Which tool is commonly used by threat actors on a webpage to take advantage of the software vulnerabilities of a system to spread malware?
A. exploit kit
B. root kit
C. vulnerability kit
D. script kiddie kit
Answer: A
NEW QUESTION 3
A security engineer has a video of a suspect entering a data center that was captured on the same day that files in the same data center were transferred to a competitor. Which type of evidence is this?
A. best evidence
B. prima facie evidence
C. indirect evidence
D. physical evidence
Answer: C
NEW QUESTION 4
Which type of evidence supports a theory or an assumption that results from initial evidence?
A. probabilistic
B. indirect
C. best
D. corroborative
Answer: D
NEW QUESTION 5
Which two elements are assets in the role of attribution in an investigation? (Choose two.)
A. context
B. session
C. laptop
D. firewall logs
E. threat actor
Answer: AE
NEW QUESTION 6
Which process is used when IPS events are removed to improve data integrity?
A. data availability
B. data normalization
C. data signature
D. data protection
Answer: B
NEW QUESTION 7
What are three key components of a threat-centric SOC? (Choose three.)
A. people
B. compliances
C. processes
D. regulations
E. technologies
Answer: ACE
NEW QUESTION 8
Which two components reduce the attack surface on an endpoint? (Choose two.)
A. secure boot
B. load balancing
C. increased audit log levels
D. restricting USB ports
E. full packet captures at the endpoint
Answer: AD
NEW QUESTION 9
Which term represents a potential danger that could take advantage of a weakness in a system?
A. vulnerability
B. risk
C. threat
D. exploit
Answer: C
NEW QUESTION 10
How does an attacker observe network traffic exchanged between two users?
A. port scanning
B. man-in-the-middle
C. command injection
D. denial of service
Answer: B
NEW QUESTION 11
Which type of exploit normally requires the culprit to have prior access to the target system?
A. local exploit
B. denial of service
C. system vulnerability
D. remote exploit
Answer: A
NEW QUESTION 12
At which layer is deep packet inspection investigated on a firewall?
A. internet
B. transport
C. application
D. data link
Answer: C
NEW QUESTION 13
Which NIST IR category stakeholder is responsible for coordinating incident response among various business units, minimizing damage, and reporting to regulatory agencies?
A. CSIRT
B. PSIRT
C. public affairs
D. management
Answer: D
NEW QUESTION 14
Which of the following access control models uses security labels to make access decisions?
A. Mandatory Access Control (MAC)
B. Role-based Access Control (RBAC)
C. Identity-based Access Control (IBAC)
D. Discretionary Access Control (DAC)
Answer: A
NEW QUESTION 15
How is attacking a vulnerability categorized?
A. action on objectives
B. delivery
C. exploitation
D. installation
Answer: C
NEW QUESTION 16
Which two are examples of UDP-based attacks? (Choose two.)
A. SYN flood
B. SQL Slammer
C. UDP flooding
D. MAC address flooding
Answer: BC
NEW QUESTION 17
What are two social engineering techniques? (Choose two.)
A. privilege escalation
B. DDoS attack
C. phishing
D. man-in-the-middle
E. pharming
Answer: CE
NEW QUESTION 18
A malicious file has been identified in a sandbox analysis tool. Which piece of information is needed to search for additional downloads of this file by other hosts?
A. file type
B. file size
C. file name
D. file hash value
Answer: D
NEW QUESTION 19
Which two elements are used for profiling a network? (Choose two.)
A. session duration
B. total throughput
C. running processes
D. listening ports
E. OS fingerprint
Answer: DE
NEW QUESTION 20
A security engineer deploys an enterprise-wide host/endpoint technology for all of the company’s corporate PCs. Management asks the engineer to block a selected set of applications on all PCs. Which technology should be used to accomplish this task?
A. application whitelisting/blacklisting
B. network NGFW
C. host-based IDS
D. antivirus/antispyware software
Answer: A
NEW QUESTION 21
……