Free Cisco 200-201 Exam Questions

Become Cisco Certified with updated 200-201 exam questions and correct answers

Page: 1 / 82

Total 406 Questions | Updated On: Nov 11, 2024

Add To Cart

Question 1

Refer to the exhibit.

What must be interpreted from this packet capture?

A : IP address 192.168.88 12 is communicating with 192 168 88 149 with a source port 74 to destination port 49098 using TCP protocol

B : IP address 192.168.88.12 is communicating with 192 168 88 149 with a source port 49098 to destination port 80 using TCP protocol.

C : IP address 192.168.88.149 is communicating with 192.168 88.12 with a source port 80 to destination port 49098 using TCP protocol.

D : IP address 192.168.88.149 is communicating with 192.168.88.12 with a source port 49098 to destination port 80 using TCP protocol.

Answer: B

Question 2

Refer to the exhibit.

An analyst was given a PCAP file, which is associated with a recent intrusion event in the company FTP server Which display filters should the analyst use to filter the FTP traffic?

A : dstport == FTP

B : tcp.port==21

C : tcpport = FTP

D : dstport = 21

Answer: C

Question 3

Refer to exhibit.

An analyst performs the analysis of the pcap file to detect the suspicious activity. What challenges did the analyst face in terms of data visibility?

A : data encapsulation

B : code obfuscation

C : data encryption

D : IP fragmentation

Answer: C

Question 4

Which action should be taken if the system is overwhelmed with alerts when false positives and false negatives are compared?

A : dify the settings of the intrusion detection system.

B : ign criteria for reviewing alerts.

C : define signature rules

D : just the alerts schedule.

Answer: A

Question 5

Which incidence response step includes identifying all hosts affected by an attack?

A : tection and analysis

B : t-incident activity

C : eparation

D : ntainment, eradication, and recovery

Answer: D

Page: 1 / 82

Total 406 Questions | Updated On: Nov 11, 2024

Add To Cart