Cisco 200-201 Quiz 4 Topic 6 Questions 16-20

Question: 1

An analyst is investigating an incident in a SOC environment. Which method is used to identify a session from a group of logs?

Asequence numbers

BIP identifier

C5-tuple

Dtimestamps

Show Answer

Question: 2

Which evasion technique is a function of ransomware?

Aextended sleep calls

Bencryption

Cresource exhaustion

Dencoding

Show Answer

Question: 3

Refer to the exhibit.

q3_200-201

Which component is identifiable in this exhibit?

ATrusted Root Certificate store on the local machine

BWindows PowerShell verb

CWindows Registry hive

Dlocal service in the Windows Services Manager

Show Answer

Question: 4

W[^t is vulnerability management?

AA security practice focused on clarifying and narrowing intrusion points.

BA security practice of performing actions rather than acknowledging the threats.

CA process to identify and remediate existing weaknesses.

DA process to recover from service interruptions and restore business-critical applications

Show Answer

Question: 5

A security expert is working on a copy of the evidence, an ISO file that is saved in CDFS format. Which type of evidence is this file?

ACD data copy prepared in Windows

BCD data copy prepared in Mac-based system

CCD data copy prepared in Linux system

DCD data copy prepared in Android-based system

Show Answer

An analyst is investigating an incident in a SOC environment. Which method is used to identify a session from a group of logs?

Which evasion technique is a function of ransomware?

Refer to the exhibit.
Which component is identifiable in this exhibit?

W[^t is vulnerability management?

A security expert is working on a copy of the evidence, an ISO file that is saved in CDFS format. Which type of evidence is this file?

Cisco 200-201 Quiz:4 Topic:6 Questions:16-20

An analyst is investigating an incident in a SOC environment. Which method is used to identify a session from a group of logs?

Which evasion technique is a function of ransomware?

Refer to the exhibit.Which component is identifiable in this exhibit?

W[^t is vulnerability management?

A security expert is working on a copy of the evidence, an ISO file that is saved in CDFS format. Which type of evidence is this file?

Cisco 200-201 Quiz:4 Topic:6 Questions:16-20

Refer to the exhibit.
Which component is identifiable in this exhibit?