Cisco 200-201 - Understanding Cisco Cybersecurity Operations Fundamentals Certification Exam
Question #1 (Topic: demo questions)
Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?
Correct Answer: A
Explanation:
Decision making is a principle that guides an analyst to gather information relevant to a security incident to determine the appropriate course of action. Decision making involves identifying the problem, defining the criteria, analyzing the alternatives, and choosing the best solution. Decision making helps an analyst to respond to an incident effectively and efficiently, while minimizing the impact and risk to the organization. Reference: https://learningnetworkstore.cisco.com/on-demand e-learning/understanding-cisco-cybersecurity-operations-fundamentals-cbrops-v1.0/CSCU-LP CBROPS-V1-028093.html (Module 3: Security Monitoring, Lesson 3.1: Security Operations Center)
Question #2 (Topic: demo questions)
What is a benefit of agent-based protection when compared to agentless protection?
Correct Answer: C
Explanation not available for this question.
Question #3 (Topic: demo questions)
How is attacking a vulnerability categorized?
Correct Answer: C
Explanation:
Attacking a vulnerability is categorized as exploitation, which is the third phase of the cyberattack lifecycle. Exploitation is the process of taking advantage of a vulnerability in a system, application, or network to gain access, escalate privileges, or execute commands. Action on objectives, delivery, and installation are other phases of the cyberattack lifecycle, but they do not involve attacking a vulnerability. Action on objectives is the final phase, where the attacker achieves their goal, such as stealing data, disrupting services, or destroying assets. Delivery is the second phase, where the attacker delivers the malicious payload, such as malware, phishing email, or malicious link, to the target. Installation is the fourth phase, where the attacker installs the malicious payload on the compromised system or network to maintain persistence or spread laterally. Reference: What is a Cyberattack? | IBM, Recognizing the seven stages of a cyber-attack - DNV
Question #4 (Topic: demo questions)
Which security principle requires more than one person to perform a critical task?
Correct Answer: C
Explanation:
Separation of duties is a security principle that requires more than one person to perform a critical task, such as authorizing a transaction, approving a budget, or granting access to sensitive data. Separation of duties reduces the risk of fraud, error, abuse, or conflict of interest by preventing any single person from having too much power or privilege. Least privilege, need to know, and due diligence are other security principles, but they do not require more than one person to perform a critical task. Reference: Separation of Duty (SOD) - Glossary | CSRC - NIST Computer Security …, Separation of Duties | Imperva
Question #5 (Topic: demo questions)
Which event is user interaction?
Correct Answer: D
Explanation: