Cisco® 200-201 Exam Practice Questions (P. 3)
- Full Access (462 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #21
What is the difference between a threat and a risk?
- AThreat represents a potential danger that could take advantage of a weakness, while the risk is the likelihood of a compromise or damage of an asset.
- BRisk represents the known and identified loss or danger in the system, while threat is a non-identified impact of possible risks.
- CRisk is the unintentional possibility of damages or harm to infrastructure, while the threats are certain and intentional.
- DThreat is a state of being exposed to an attack or a compromise, while risk is the calculation of damage or potential loss affecting the organization from an exposure.
Correct Answer:
A
A
send
light_mode
delete
Question #22
Which attack method intercepts traffic on a switched network?
- Adenial of service
- BARP cache poisoningMost Voted
- CDHCP snooping
- Dcommand and control
Correct Answer:
C
C
send
light_mode
delete
Question #23
What does an attacker use to determine which network ports are listening on a potential target device?
- Aman-in-the-middle
- Bport scanningMost Voted
- CSQL injection
- Dping sweep
Correct Answer:
B
B
send
light_mode
delete
Question #24
What is a purpose of a vulnerability management framework?
- Aidentifies, removes, and mitigates system vulnerabilities
- Bdetects and removes vulnerabilities in source code
- Cconducts vulnerability scans on the network
- Dmanages a list of reported vulnerabilities
Correct Answer:
A
A
send
light_mode
delete
Question #25
A network engineer discovers that a foreign government hacked one of the defense contractors in their home country and stole intellectual property. What is the threat agent in this situation?
- Athe intellectual property that was stolen
- Bthe defense contractor who stored the intellectual property
- Cthe method used to conduct the attackMost Voted
- Dthe foreign government that conducted the attack
Correct Answer:
D
D
send
light_mode
delete
Question #26
What is the practice of giving an employee access to only the resources needed to accomplish their job?
- Aprinciple of least privilege
- Borganizational separation
- Cseparation of duties
- Dneed to know principle
Correct Answer:
A
A
send
light_mode
delete
Question #27
Which metric is used to capture the level of access needed to launch a successful attack?
- Aprivileges required
- Buser interaction
- Cattack complexity
- Dattack vectorMost Voted
Correct Answer:
A
A
send
light_mode
delete
Question #28
What is the difference between an attack vector and an attack surface?
- AAn attack surface identifies vulnerabilities that require user input or validation; and an attack vector identifies vulnerabilities that are independent of user actions.
- BAn attack vector identifies components that can be exploited; and an attack surface identifies the potential path an attack can take to penetrate the network.
- CAn attack surface recognizes which network parts are vulnerable to an attack; and an attack vector identifies which attacks are possible with these vulnerabilities.Most Voted
- DAn attack vector identifies the potential outcomes of an attack; and an attack surface launches an attack using several methods against the identified vulnerabilities.
Correct Answer:
C
C
send
light_mode
delete
Question #29
Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?
send
light_mode
delete
Question #30
A security specialist notices 100 HTTP GET and POST requests for multiple pages on the web servers. The agent in the requests contains PHP code that, if executed, creates and writes to a new PHP file on the webserver. Which event category is described?
- Areconnaissance
- Baction on objectives
- Cinstallation
- DexploitationMost Voted
Correct Answer:
C
C
send
light_mode
delete
All Pages