Free Access Cisco.200-201.v2022-05-06.q84 Practice Test (Page 14)

Question 61

Which step in the incident response process researches an attacking host through logs in a SIEM?

A.detection and analysis

B.preparation

C.eradication

D.containment

Question 62

Refer to the exhibit.

What should be interpreted from this packet capture?

A.81.179.179.69 is sending a packet from port 80 to port 50272 of IP address 192.168.122.100 using UDP protocol.

B.81.179.179.69 is sending a packet from port 50272 to port 80 of IP address 192.168.122.100 using TCP UDP protocol.

C.192.168.122.100 is sending a packet from port 50272 to port 80 of IP address 81.179.179.69 using TCP protocol.

D.192.168.122.100 is sending a packet from port 80 to port 50272 of IP address 81.179.179.69 using UDP protocol.

Question 63

What is the impact of false positive alerts on business compared to true positive?

A.True positives affect security as no alarm is raised when an attack has taken place, while false positives are alerts raised appropriately to detect and further mitigate them.

B.True-positive alerts are blocked by mistake as potential attacks, while False-positives are actual attacks Identified as harmless.

C.False positives alerts are manually ignored signatures to avoid warnings that are already acknowledged, while true positives are warnings that are not yet acknowledged.

D.False-positive alerts are detected by confusion as potential attacks, while true positives are attack attempts identified appropriately.

Question 64

Refer to the exhibit.

An engineer received an event log file to review. Which technology generated the log?

A.IDS/IPS

B.NetFlow

C.proxy

D.firewall

Question 65

Which artifact is used to uniquely identify a detected file?

A.file hash

B.file extension

C.file timestamp

D.file size

Premium Bundle

Newest 200-201 Exam PDF Dumps shared by BraindumpsPass.com for Helping Passing 200-201 Exam! BraindumpsPass.com now offer the updated 200-201 exam dumps, the BraindumpsPass.com 200-201 exam questions have been updated and answers have been corrected get the latest BraindumpsPass.com 200-201 pdf dumps with Exam Engine here:

Access 200-201 Premium Version

(452 Q&As Dumps, 40%OFF Special Discount: Exam-Tests)

Other Version: 648Cisco.200-201.v2024-06-19.q203; 3030Cisco.200-201.v2022-10-01.q136; 4150Cisco.200-201.v2022-07-23.q146; 2705Cisco.200-201.v2022-03-15.q128; 1832Cisco.200-201.v2021-10-07.q53; 53Cisco.Passtestking.200-201.v2021-09-23.by.hilary.105q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 119Oracle.1Z0-1057-23.v2025-09-10.q47; 153Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 166TheSecOpsGroup.CNSP.v2025-09-08.q20; 229CFAInstitute.ESG-Investing.v2025-09-08.q173; 176PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 152Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50