Exam Details

  • Exam Code: 200-201
  • Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
  • Certification: CyberOps Associate
  • Vendor: Cisco
  • Total Questions: 406 Q&As
  • Last Updated: Apr 07, 2025

Cisco CyberOps Associate 200-201 Questions & Answers

  • Question 121:

    Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?

    A. availability

    B. confidentiality

    C. scope

    D. integrity

  • Question 122:

    What is the practice of giving an employee access to only the resources needed to accomplish their job?

    A. principle of least privilege

    B. organizational separation

    C. separation of duties

    D. need to know principle

  • Question 123:

    What are two categories of DDoS attacks? (Choose two.)

    A. split brain

    B. scanning

    C. phishing

    D. reflected

    E. direct

  • Question 124:

    Refer to the exhibit.

    An employee received an email from an unknown sender with an attachment and reported it as a phishing attempt. An engineer uploaded the file to Cuckoo for further analysis. What should an engineer interpret from the provided Cuckoo report?

    A. Win32.polip.a.exe is an executable file and should be flagged as malicious.

    B. The file is clean and does not represent a risk.

    C. Cuckoo cleaned the malicious file and prepared it for usage.

    D. MD5 of the file was not identified as malicious.

  • Question 125:

    A company encountered a breach on its web servers using IIS 7.5. During the investigation, an engineer discovered that an attacker read and altered the data on a secure communication using TLS 1.2 and intercepted sensitive information by downgrading a connection to export-grade cryptography. The engineer must mitigate similar incidents in the future and ensure that clients and servers always negotiate with the most secure protocol versions and cryptographic parameters. Which action does the engineer recommend?

    A. Upgrade to TLS v1.3.

    B. Install the latest IIS version.

    C. Downgrade to TLS 1.1.

    D. Deploy an intrusion detection system

  • Question 126:

    Refer to the exhibit.

    Which type of log is displayed?

    A. proxy

    B. NetFlow

    C. IDS

    D. sys

  • Question 127:

    What is an advantage of symmetric over asymmetric encryption?

    A. A key is generated on demand according to data type.

    B. A one-time encryption key is generated for data transmission

    C. It is suited for transmitting large amounts of data.

    D. It is a faster encryption mechanism for sessions

  • Question 128:

    An engineer needs to discover alive hosts within the 192.168.1.0/24 range without triggering intrusive portscan alerts on the IDS device using Nmap. Which command will accomplish this goal?

    A. nmap --top-ports 192.168.1.0/24

    B. nmap P 192.168.1.0/24

    C. nmap -sL 192.168.1.0/24

    D. nmap -sV 192.168.1.0/24

  • Question 129:

    Refer to the exhibit.

    Which event is occurring?

    A. A binary named "submit" is running on VM cuckoo1.

    B. A binary is being submitted to run on VM cuckoo1

    C. A binary on VM cuckoo1 is being submitted for evaluation

    D. A URL is being evaluated to see if it has a malicious binary

  • Question 130:

    What are the two characteristics of the full packet captures? (Choose two.)

    A. Identifying network loops and collision domains.

    B. Troubleshooting the cause of security and performance issues.

    C. Reassembling fragmented traffic from raw data.

    D. Detecting common hardware faults and identifying faulty assets.

    E. Providing a historical record of a network transaction.
