Free Practice Questions for Cisco 200-201 Exam

Which vulnerability type is used to read, write, or erase information from a database?

• cross-site scripting
• cross-site request forgery
• buffer overflow
• SQL injection

Which attack method is being used when an attacker tries to compromise a network with an authentication system that uses only 4-digit numeric passwords and no username?

• SQL injection
• dictionary
• replay
• cross-site scripting

Refer to the exhibit.A suspicious IP address is tagged by Threat Intelligence as a brute-force attempt source After the attacker produces many of failed login entries, it successfully compromises the account. Which stakeholder is responsible for the incident response detection step?

• employee 5
• employee 3
• employee 4
• employee 2

What is the difference between discretionary access control (DAC) and role-based access control (RBAC)?

• DAC requires explicit authorization for a given user on a given object, and RBAC requires specific conditions.
• RBAC access is granted when a user meets specific conditions, and in DAC, permissions are applied on user and group levels.
• RBAC is an extended version of DAC where you can add an extra level of authorization based on time.
• DAC administrators pass privileges to users and groups, and in RBAC, permissions are applied to specific groups

An engineer must configure network systems to detect command-and-control communications by decrypting ingress and egress perimeter traffic and allowing network security devices to detect malicious outbound communications. Which technology must be used to accomplish this task?

• static IP addresses
• signatures
• digital certificates
• cipher suite

What is rule-based detection when compared to statistical detection?

• proof of a user's identity
• proof of a user's action
• likelihood of user's action
• falsification of a user's identity

A company is using several network applications that require high availability and responsiveness, such that milliseconds of latency on network traffic is not acceptable. An engineer needs to analyze the network and identify ways to improve traffic movement to minimize delays. Which information must the engineer obtain for this analysis?

• total throughput on the interface of the router and NetFlow records
• output of routing protocol authentication failures and ports used
• running processes on the applications and their total network usage
• deep packet captures of each application flow and duration

Refer to the exhibit.What is the potential threat identified in this Stealthwatch dashboard?

• A policy violation is active for host 10.10.101.24.
• A host on the network is sending a DDoS attack to another inside host.
• There are two active data exfiltration alerts.
• A policy violation is active for host 10.201.3.149.

What is the difference between inline traffic interrogation and traffic mirroring?

• Inline interrogation is less complex as traffic mirroring applies additional tags to data.
• Traffic mirroring copies the traffic rather than forwarding it directly to the analysis tools
• Inline replicates the traffic to preserve integrity rather than modifying packets before sending them to other analysis tools.
• Traffic mirroring results in faster traffic analysis and inline is considerably slower due to latency.

What is a sandbox interprocess communication service?

• A collection of rules within the sandbox that prevent the communication between sandboxes.
• A collection of network services that are activated on an interface, allowing for inter-port communication.
• A collection of interfaces that allow for coordination of activities among processes.
• A collection of host services that allow for communication between sandboxes.