200-201試験無料問題集「Cisco Understanding Cisco Cybersecurity Operations Fundamentals 認定」

A. network downtime report

B. application logs

C. full packet capture

D. session data

A. managing and keeping previous patches lists documented for audit purposes

B. process of appropriate distribution of system or software updates

C. workflow of distributing mitigations of newly found vulnerabilities

D. scanning servers and workstations for missing patches and vulnerabilities

A. input sanitization

B. variable randomization

C. using a Linux operating system

D. using web based applications

A. NetFlow

B. firewall

C. dnstools

D. tcpdump

A. application block list

B. sandbox

C. application allow list

D. host-based firewall

A. A risk is a potential threat that an exploit applies to, and a vulnerability represents the threat itself

B. A risk is potential threat that adversaries use to infiltrate the network, and a vulnerability is an exploit

C. A vulnerability is a sum of possible malicious entry points, and a risk represents the possibility of the unauthorized entry itself.

D. A vulnerability represents a flaw in a security that can be exploited, and the risk is the potential damage it might cause.

A. least privilege

B. due diligence

C. integrity validation

D. need to know

A. An attack vector identifies the potential outcomes of an attack; and an attack surface launches an attack using several methods against the identified vulnerabilities.

B. An attack surface recognizes which network parts are vulnerable to an attack; and an attack vector identifies which attacks are possible with these vulnerabilities.

C. An attack vector identifies components that can be exploited, and an attack surface identifies the potential path an attack can take to penetrate the network.

D. An attack surface identifies vulnerabilities that require user input or validation; and an attack vector identifies vulnerabilities that are independent of user actions.

A. cyclical approach of identifying classifying and mitigating software vulnerabilities

B. systems engineering process for establishing and preserving consistency of a product's performance

C. securely observe and supervise devices that access sensitive enterprise data

D. involves the deployment of hotfixes and patches that are released from time to time

A. SOAR collects and stores security data at a central point and then converts it into actionable intelligence, and SIEM enables SOC teams to automate and orchestrate manual tasks

B. SIEM combines data collecting, standardization, case management, and analytics for a defense-in-depth concept, and SOAR collects security data antivirus logs, firewall logs, and hashes of downloaded files

C. SIEM raises alerts in the event of detecting any suspicious activity, and SOAR automates investigation path workflows and reduces time spent on alerts

D. SOAR ingests numerous types of logs and event data infrastructure components and SIEM can fetch data from endpoint security software and external threat intelligence feeds

A. Rule-based Is based on assumptions and statistical uses data Known beforehand.

B. Statistical uses the probability approach while rule-based Is based on measured data.

C. Statistical is based on measured data while rule-based uses the evaluated probability approach.

D. Rule-based uses data known beforehand and statistical is based on assumptions.