200-201 Dumps for Pass Guaranteed - Pass 200-201 Exam 2023
NEW QUESTION 108
Which two pieces of information are collected from the IPv4 protocol header? (Choose two.)
- A. UDP port to which the traffic is destined
- B. UDP port from which the traffic is sourced
- C. destination IP address of the packet
- D. TCP port from which the traffic was sourced
- E. source IP address of the packet
Answer: C,E
NEW QUESTION 109
What is a difference between SIEM and SOAR?
- A. SOAR's primary function is to collect and detect anomalies, while SIEM is more focused on security operations automation and response.
- B. SOAR predicts and prevents security alerts, while SIEM checks attack patterns and applies the mitigation.
- C. SIEM's primary function is to collect and detect anomalies, while SOAR is more focused on security operations automation and response.
- D. SIEM predicts and prevents security alerts, while SOAR checks attack patterns and applies the mitigation.
Answer: C
Explanation:
A SIEM collects and correlates logs and raises alerts on rule matches or anomalies; a SOAR platform consumes those alerts and automates triage and response through playbooks.
NEW QUESTION 110
When communicating via TLS, the client initiates the handshake to the server and the server responds back with its certificate for identification.
Which information is available on the server certificate?
- A. trusted subordinate CA, public key, and cipher suites
- B. trusted CA name, cipher suites, and private key
- C. server name, trusted subordinate CA, and private key
- D. server name, trusted CA, and public key
Answer: D
NEW QUESTION 111
What is threat hunting?
- A. Attempting to deliberately disrupt servers by altering their availability
- B. Managing a vulnerability assessment report to mitigate potential threats.
- C. Pursuing competitors and adversaries to infiltrate their system to acquire intelligence data.
- D. Focusing on proactively detecting possible signs of intrusion and compromise.
Answer: D
NEW QUESTION 112
Which are two denial-of-service attacks? (Choose two.)
- A. ping of death
- B. TCP connections
- C. code-red
- D. man-in-the-middle
- E. UDP flooding
Answer: A,E
NEW QUESTION 113
What is personally identifiable information that must be safeguarded from unauthorized access?
- A. gender
- B. zip code
- C. date of birth
- D. driver's license number
Answer: D
NEW QUESTION 114
Which system monitors local system operation and local network access for violations of a security policy?
- A. host-based firewall
- B. host-based intrusion detection
- C. systems-based sandboxing
- D. antivirus
Answer: B
Explanation:
HIDS is capable of monitoring the internals of a computing system as well as the network packets on its network interfaces. Host-based firewall is a piece of software running on a single Host that can restrict incoming and outgoing Network activity for that host only.
NEW QUESTION 115
Refer to the exhibit.
What should be interpreted from this packet capture?
- A. 192.168.122.100 is sending a packet from port 50272 to port 80 of IP address 81.179.179.69 using TCP protocol.
- B. 81.179.179.69 is sending a packet from port 80 to port 50272 of IP address 192.168.122.100 using UDP protocol.
- C. 192.168.122.100 is sending a packet from port 80 to port 50272 of IP address 81.179.179.69 using UDP protocol.
- D. 81.179.179.69 is sending a packet from port 50272 to port 80 of IP address 192.168.122.100 using TCP UDP protocol.
Answer: A
NEW QUESTION 116
How does statistical detection differ from rule-based detection?
- A. Statistical detection defines legitimate data over time, and rule-based detection works on a predefined set of rules
- B. Rule-based detection involves the evaluation of events, and statistical detection requires an evaluated set of events to function
- C. Statistical detection involves the evaluation of events, and rule-based detection requires an evaluated set of events to function.
- D. Rule-based detection defines legitimate data over a period of time, and statistical detection works on a predefined set of rules
Answer: A
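The distinction in Question 116, as an added Python example that is not part of the exam material: a rule-based detector fires on a predefined pattern, while a statistical detector learns a threshold from a baseline of normal activity. The sshd-style log lines, the baseline counts, the rule names and the 3-sigma threshold are all constructed for illustration.

```python
"""Rule-based vs. statistical detection over sshd-style log lines (added example)."""
import re
import statistics
from collections import Counter

# Constructed sample log (not a real capture): one morning of sshd events.
SAMPLE_LOG = """\
Mar  3 10:01:02 host sshd[2301]: Failed password for bob from 203.0.113.7 port 51234 ssh2
Mar  3 10:01:04 host sshd[2302]: Failed password for bob from 203.0.113.7 port 51236 ssh2
Mar  3 10:01:06 host sshd[2303]: Failed password for bob from 203.0.113.7 port 51238 ssh2
Mar  3 10:01:08 host sshd[2304]: Failed password for bob from 203.0.113.7 port 51240 ssh2
Mar  3 10:01:10 host sshd[2305]: Failed password for bob from 203.0.113.7 port 51242 ssh2
Mar  3 10:01:12 host sshd[2306]: Failed password for bob from 203.0.113.7 port 51244 ssh2
Mar  3 10:05:00 host sshd[2310]: Failed password for invalid user admin from 192.0.2.9 port 40022 ssh2
Mar  3 10:06:11 host sshd[2315]: Failed password for bob from 198.51.100.4 port 40100 ssh2
Mar  3 10:06:20 host sshd[2315]: Failed password for bob from 198.51.100.4 port 40100 ssh2
Mar  3 10:06:35 host sshd[2315]: Accepted password for bob from 198.51.100.4 port 40100 ssh2
"""

# Constructed baseline: failed-password count per source IP on previous days,
# i.e. what "legitimate data over time" looks like for this host.
BASELINE_FAILURES = [1, 2, 1, 0, 3, 2, 1, 2]

# Rule-based detection: a predefined set of patterns, each match is an alert.
RULES = {
    "invalid-user-login": re.compile(
        r"Failed password for invalid user (?P<user>\S+) from (?P<ip>\d+\.\d+\.\d+\.\d+)"),
    "root-login-accepted": re.compile(
        r"Accepted password for root from (?P<ip>\d+\.\d+\.\d+\.\d+)"),
}
FAILED_LOGIN = re.compile(r"Failed password for .* from (?P<ip>\d+\.\d+\.\d+\.\d+)")


def rule_based_detect(lines):
    """Return (rule_name, source_ip) for every line that matches a rule."""
    hits = []
    for line in lines:
        for name, pattern in RULES.items():
            match = pattern.search(line)
            if match:
                hits.append((name, match.group("ip")))
    return hits


def failures_per_ip(lines):
    """Count failed logins per source IP; the feature the statistical detector uses."""
    counts = Counter()
    for line in lines:
        match = FAILED_LOGIN.search(line)
        if match:
            counts[match.group("ip")] += 1
    return counts


def statistical_detect(baseline, current_counts, k=3.0):
    """Flag IPs whose count exceeds mean + k*stdev of the learned baseline.

    Returns (flagged_ips, threshold). No pattern is needed: anything far from
    the historical norm is suspicious, whether or not a rule exists for it.
    """
    mean = statistics.mean(baseline)
    stdev = statistics.pstdev(baseline)
    threshold = mean + k * stdev
    flagged = {ip: n for ip, n in current_counts.items() if n > threshold}
    return flagged, threshold


if __name__ == "__main__":
    lines = SAMPLE_LOG.splitlines()
    print("rule hits:", rule_based_detect(lines))
    flagged, threshold = statistical_detect(BASELINE_FAILURES, failures_per_ip(lines))
    print(f"statistical (threshold {threshold:.2f}):", flagged)
```

Run against the sample, the rule catches the single "invalid user" attempt from 192.0.2.9 and nothing else, while the statistical detector ignores that one line but flags 203.0.113.7, whose six failures for a valid account match no rule yet sit far above the baseline. The two approaches surface different events, which is why SOCs run both.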
NEW QUESTION 117
What is the difference between a threat and an exploit?
- A. A threat is a result of utilizing a flaw in a system, and an exploit is a result of gaining control over the system.
- B. A threat is a potential attack on an asset and an exploit takes advantage of the vulnerability of the asset
- C. An exploit is an attack path, and a threat represents a potential vulnerability
- D. An exploit is an attack vector, and a threat is a potential path the attack must go through.
Answer: B
NEW QUESTION 118
At a company party a guest asks
How is this type of conversation classified?
- A. Piggybacking
- B. Password Revelation Strategy
- C. Social Engineering
- D. Phishing attack
Answer: C
Explanation:
Eliciting security-relevant information from staff in ordinary conversation, with no technical exploit involved, is social engineering. Piggybacking is following an authorized person through a controlled door, and phishing arrives by e-mail or similar messages.
NEW QUESTION 119
A user received a malicious attachment but did not run it.
Which category classifies the intrusion?
- A. weaponization
- B. delivery
- C. reconnaissance
- D. installation
Answer: B
NEW QUESTION 120
A developer is working on a project using a Linux tool that enables writing processes to obtain these required results:
* If the process is unsuccessful, a negative value is returned.
* If the process is successful, 0 value is returned to the child process, and the process ID is sent to the parent process.
Which component results from this operation?
- A. new process created by parent process
- B. macros for managing CPU sets
- C. parent directory name of a file pathname
- D. process spawn scheduled
Answer: A
Explanation:
The operation described is the fork() system call. fork() returns -1 to the caller if the new process cannot be created, 0 in the newly created child process, and the child's process ID in the parent. The component that results is therefore a new process created by the parent process; every process except the first is created this way. Two process IDs are specially distinguished: swapper or sched has process ID 0, is responsible for paging, and is actually part of the kernel rather than a normal user-mode process. Process ID 1 is usually the init process, primarily responsible for starting and shutting down the system. Originally, process ID 1 was not specifically reserved for init by any technical measure: it simply had this ID as a natural consequence of being the first process invoked by the kernel. More recent Unix systems typically have additional kernel components visible as "processes", in which case PID 1 is actively reserved for the init process to maintain consistency with older systems.
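The three return paths of fork() from Question 120, as an added Python example that is not part of the exam material. Python's os.fork() wraps the same system call; the one difference is that the C return value of -1 surfaces as an OSError carrying errno. The exit code 7 and the pipe used to report back are constructed for illustration.

```python
"""What fork() returns in each process, as an added example (os.fork wraps the call)."""
import os


def spawn_child(child_exit_code=7):
    """Fork once and report what each side observed.

    fork() has three outcomes:
      parent : returns the child's PID (> 0)
      child  : returns 0
      failure: returns -1 in C; Python raises OSError with the errno instead
    The child reports its own PID and its parent's PID back over a pipe so the
    parent can check them against the fork() return value.
    """
    read_fd, write_fd = os.pipe()
    try:
        pid = os.fork()
    except OSError as exc:            # the C "-1" case, e.g. EAGAIN at the process limit
        os.close(read_fd)
        os.close(write_fd)
        raise RuntimeError(f"fork failed: errno {exc.errno}") from exc

    if pid == 0:
        # Child: fork() returned 0. Never return into the caller's frames;
        # os._exit() ends the child without running the parent's cleanup code.
        os.close(read_fd)
        os.write(write_fd, f"{os.getpid()} {os.getppid()}".encode())
        os.close(write_fd)
        os._exit(child_exit_code)

    # Parent: fork() returned the new child's PID.
    os.close(write_fd)
    report = b""
    while True:                       # read until the child closes its end of the pipe
        chunk = os.read(read_fd, 64)
        if not chunk:
            break
        report += chunk
    os.close(read_fd)
    _, status = os.waitpid(pid, 0)    # reap the child so it does not linger as a zombie
    child_pid, child_ppid = (int(x) for x in report.split())
    return {
        "fork_returned": pid,
        "child_getpid": child_pid,
        "child_getppid": child_ppid,
        "parent_pid": os.getpid(),
        "exit_code": os.WEXITSTATUS(status) if os.WIFEXITED(status) else None,
    }


if __name__ == "__main__":
    print(spawn_child())
```

The value fork() hands the parent is exactly the PID the child sees in getpid(), and the child's getppid() is the parent's own PID: one call, two processes, two different return values. Calling waitpid() afterwards matters in practice, since an unreaped child stays in the process table as a zombie.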
NEW QUESTION 121
How does an attacker observe network traffic exchanged between two users?
- A. command injection
- B. port scanning
- C. man-in-the-middle
- D. denial of service
Answer: C
NEW QUESTION 122
An analyst is investigating a host in the network that appears to be communicating to a command and control server on the Internet. After collecting this packet capture, the analyst cannot determine the technique and payload used for the communication.
Which obfuscation technique is the attacker using?
- A. Base64 encoding
- B. ROT13 encryption
- C. SHA-256 hashing
- D. TLS encryption
Answer: D
Explanation:
Base64 and ROT13 are reversible encodings, not encryption: an analyst reverses them directly from the capture and recovers the payload. SHA-256 produces a fixed-length digest, not a communication channel. Only TLS leaves the analyst with ciphertext in which neither the technique nor the payload can be read (for example HTTPS on port 443), and ROT13 is not used with TLS. Source:
https://en.wikipedia.org/wiki/ROT13
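The point behind Question 122, as an added Python example that is not part of the exam material: an analyst can strip Base64 or ROT13 off a payload and read it, can recognise a SHA-256 digest as one-way, and gets nothing from TLS ciphertext without the endpoint's key. The sample payloads, the small vocabulary used to judge readability and the classification labels are constructed for illustration.

```python
"""Tell reversible encodings apart from hashing and encryption (added example)."""
import base64
import binascii
import codecs
import re
import string

# Small constructed vocabulary used to judge whether a decoding produced text.
COMMON_WORDS = {"get", "post", "http", "beacon", "id", "cmd", "exec", "download",
                "host", "user", "whoami", "run"}

# Constructed sample payloads, not captured traffic.
SAMPLE_PAYLOADS = {
    "base64": base64.b64encode(b"GET /beacon?id=7 HTTP/1.1"),
    "rot13": b"qbjaybnq uggc",
    # SHA-256 of the empty string: a digest, not an encoded message
    "hash": b"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    # TLS 1.2 application-data record header followed by constructed ciphertext bytes
    "tls": bytes.fromhex("1703030021"
                         "8f1c9be27a4d00f3c16b2e9d7701aa4bc0d8e5f2a39c1174b8e6d23f5a0c7e91b4"),
}


def _printable_text(data: bytes):
    """Return the ASCII text if every byte is printable, else None."""
    try:
        text = data.decode("ascii")
    except UnicodeDecodeError:
        return None
    return text if text and all(ch in string.printable for ch in text) else None


def _word_score(text: str) -> int:
    """Number of vocabulary words in the text; used to confirm a decoding made sense."""
    return sum(1 for w in re.findall(r"[a-z]+", text.lower()) if w in COMMON_WORDS)


def classify_payload(payload: bytes):
    """Return (technique, recovered_text_or_None) for one captured payload."""
    # Base64 is an encoding, not encryption: a strict decode plus a readability check reverses it.
    try:
        decoded = _printable_text(base64.b64decode(payload, validate=True))
        if decoded and _word_score(decoded) > 0:
            return "base64", decoded
    except (binascii.Error, ValueError):
        pass
    text = _printable_text(payload)
    if text is None:
        # Nothing readable and no decoding applies: consistent with ciphertext such as
        # a TLS application-data record; only the endpoint's key recovers the payload.
        return "opaque (e.g. TLS ciphertext)", None
    rotated = codecs.decode(text, "rot_13")   # ROT13 is its own inverse
    if _word_score(rotated) > _word_score(text):
        return "rot13", rotated
    if re.fullmatch(r"[0-9a-fA-F]{64}", text):
        # A digest is one-way: there is no payload to recover from it.
        return "sha256-like hash", None
    if _word_score(text) > 0:
        return "plaintext", text
    return "unknown", None


if __name__ == "__main__":
    for name, payload in SAMPLE_PAYLOADS.items():
        print(f"{name:7s} -> {classify_payload(payload)}")
```

The readability check matters: many short byte strings decode as valid Base64, so "it decoded" alone is not evidence of encoding. The vocabulary here is deliberately tiny; in practice a frequency-based or dictionary-based score does the same job.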
NEW QUESTION 123
Which system monitors local system operation and local network access for violations of a security policy?
- A. systems-based sandboxing
- B. host-based intrusion detection
- C. antivirus
- D. host-based firewall
Answer: B
NEW QUESTION 124 
Refer to the exhibit. In which Linux log file is this output found?
- A. var/log/var.log
- B. /var/log/dmesg
- C. /var/log/auth.log
- D. /var/log/authorization.log
Answer: C
Explanation:
Section: Host-Based Analysis
NEW QUESTION 125 
Refer to the exhibit. Which two elements in the table are parts of the 5-tuple? (Choose two.)
- A. First Packet
- B. Source Port
- C. Initiator IP
- D. Initiator User
- E. Ingress Security Zone
Answer: B,C
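Questions 108, 115 and 125 all turn on which header carries which field, so here is an added Python example, not part of the exam material, that builds an IPv4 packet with a TCP or UDP segment and parses it back. The IPv4 header yields the source and destination addresses and the protocol number; the ports come only from the transport header that follows it, and the five together form the 5-tuple. The addresses and ports are the ones from Question 115; the TCP/UDP fields, TTL and identification value are constructed.

```python
"""IPv4/TCP/UDP header parsing and the 5-tuple, as an added example."""
import socket
import struct

PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 one's-complement sum of 16-bit words; a valid header (checksum included) yields 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back in (end-around carry)
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def tcp_header(sport: int, dport: int, payload: bytes = b"") -> bytes:
    """Minimal 20-byte TCP header (SYN, data offset 5, checksum left zero) plus payload."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 5 << 4, 0x02, 65535, 0, 0) + payload


def udp_header(sport: int, dport: int, payload: bytes = b"") -> bytes:
    """8-byte UDP header (length covers header + data, checksum left zero) plus payload."""
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def build_ipv4(src_ip: str, dst_ip: str, proto: int, l4: bytes, ttl: int = 64) -> bytes:
    """Prepend a 20-byte IPv4 header (no options) with a correct header checksum."""
    fields = [(4 << 4) | 5, 0, 20 + len(l4), 0x1234, 0x4000, ttl, proto, 0,
              socket.inet_aton(src_ip), socket.inet_aton(dst_ip)]
    no_sum = struct.pack("!BBHHHBBH4s4s", *fields)
    fields[7] = ipv4_checksum(no_sum)        # checksum is computed with its own field zeroed
    return struct.pack("!BBHHHBBH4s4s", *fields) + l4


def parse_ipv4(packet: bytes) -> dict:
    """Decode the fields the IPv4 header actually carries. Ports are not among them."""
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not an IPv4 header")
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    return {"version": version, "ihl": ihl, "tos": tos, "total_length": total_len,
            "id": ident, "flags": flags_frag >> 13, "fragment_offset": flags_frag & 0x1FFF,
            "ttl": ttl, "protocol": proto, "src": socket.inet_ntoa(src),
            "dst": socket.inet_ntoa(dst)}


def header_is_valid(packet: bytes) -> bool:
    """True if the packet starts with a well-formed IPv4 header whose checksum verifies."""
    try:
        parse_ipv4(packet)
        return True
    except ValueError:
        return False


def five_tuple(packet: bytes):
    """(src IP, src port, dst IP, dst port, protocol): IPs and protocol from layer 3, ports from layer 4."""
    ip = parse_ipv4(packet)
    sport = dport = None
    if ip["protocol"] in (6, 17):            # TCP and UDP both begin with source and destination port
        sport, dport = struct.unpack("!HH", packet[ip["ihl"]:ip["ihl"] + 4])
    return ip["src"], sport, ip["dst"], dport, ip["protocol"]


if __name__ == "__main__":
    pkt = build_ipv4("192.168.122.100", "81.179.179.69", 6,
                     tcp_header(50272, 80, b"GET / HTTP/1.1\r\n"))
    src, sport, dst, dport, proto = five_tuple(pkt)
    print(f"{src} is sending a packet from port {sport} to port {dport} of "
          f"{dst} using {PROTO_NAMES[proto]}")
```

Reading the 5-tuple this way reproduces the interpretation in Question 115: the IPv4 header names 192.168.122.100 as source and 81.179.179.69 as destination with protocol 6, and only the TCP header that follows supplies ports 50272 and 80. The checksum verification also shows why a capture tool flags a header whose bytes were altered in transit.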