Exam Details

  • Exam Code: 200-201
  • Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
  • Certification: CyberOps Associate
  • Vendor: Cisco
  • Total Questions: 406 Q&As
  • Last Updated: Mar 21, 2025

Cisco CyberOps Associate 200-201 Questions & Answers

  • Question 21:

    Which of these describes volatile evidence?

    A. logs

    B. registers and cache

    C. disk and removable drives

    D. usernames

  • Question 22:

    Which type of data must an engineer capture to analyze payload and header information?

    A. full packet

    B. frame check sequence

    C. alert data

    D. session logs

  • Question 23:

    Refer to the exhibit.

    Which application-level protocol is being targeted?

    A. FTP

    B. TCP

    C. HTTP

    D. HTTPS

  • Question 24:

    Refer to the exhibit.

    Which alert is identified from this packet capture?

    A. man-in-the-middle attack

    B. brute-force attack

    C. ARP poisoning

    D. SQL injection

  • Question 25:

    A company's cyber security team ran a phishing simulation campaign for employees and delivered security awareness training to the affected personnel. According to NIST SP 800-61, in which phase of incident response does this action belong?

    A. post-incident activity phase

    B. detection and analysis phase

    C. preparation phase

    D. eradication and recovery phase

  • Question 26:

    Which statement describes patch management?

    A. scanning servers and workstations for missing patches and vulnerabilities

    B. process of appropriate distribution of system or software updates

    C. managing and keeping previous patches lists documented for audit purposes

    D. workflow of distributing mitigations of newly found vulnerabilities

  • Question 27:

    Refer to the exhibit.

    Which field contains DNS header information if the payload is a query or response?

    A. ID

    B. Z

    C. QR

    D. TC

  • Question 28:

    What matches the regular expression c(rgr)+e?

    A. c(rgr)e

    B. crgrrgre

    C. crgr+e

    D. ce

  • Question 29:

    A SOC analyst observed Ursnif malware on the SIEM dashboard. The analyst opened the PCAP file to search for the certificate issue data. Where must the analyst navigate?

    A. under the rdnSequence line

    B. under the validity line

    C. under the subject

    D. under the signed certificate

  • Question 30:

    Refer to the exhibit.

    An analyst examines the pcap file to detect suspicious activity. What challenge did the analyst face in terms of data visibility?

    A. data encapsulation

    B. code obfuscation

    C. data encryption

    D. IP fragmentation
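Question 22 turns on the difference between full packet capture and data that stops at the headers. The following Python example is added here to make that difference concrete; it is not part of the original page or of any Cisco material. It builds a single Ethernet/IPv4/TCP frame carrying a constructed HTTP request (made-up addresses, zeroed checksums), writes it to an in-memory classic libpcap file once with a large snaplen and once with a snaplen that stops exactly after the TCP header (the effect of `tcpdump -s`), and then parses both back to show that only the full capture exposes the payload.

```python
import struct

# Constructed sample traffic for this example: one HTTP request from a made-up
# client 10.0.0.5 to a made-up server 203.0.113.10 (RFC 5737 documentation range).
HTTP_REQUEST = b"GET /login.php?user=admin HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
ETHERNET_HDR_LEN, IPV4_HDR_LEN, TCP_HDR_LEN = 14, 20, 20
HEADERS_ONLY_SNAPLEN = ETHERNET_HDR_LEN + IPV4_HDR_LEN + TCP_HDR_LEN  # 54 bytes


def build_frame(payload: bytes) -> bytes:
    """Ethernet II / IPv4 / TCP frame carrying `payload`. IP and TCP checksums
    are left zero: this is sample input for a parser, not traffic for a wire."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s",
                     0x45, 0, IPV4_HDR_LEN + TCP_HDR_LEN + len(payload),  # ver/IHL, TOS, total length
                     0x1234, 0x4000, 64, 6, 0,                            # ID, DF flag, TTL, proto=TCP, checksum
                     bytes([10, 0, 0, 5]), bytes([203, 0, 113, 10]))
    tcp = struct.pack("!HHIIBBHHH",
                      51234, 80, 1, 1,                # sport, dport, seq, ack
                      (TCP_HDR_LEN // 4) << 4, 0x18,  # data offset=5 words, flags PSH+ACK
                      65535, 0, 0)                    # window, checksum, urgent pointer
    return eth + ip + tcp + payload


def write_pcap(frames, snaplen: int) -> bytes:
    """Serialise frames as a classic little-endian libpcap file, truncating every
    record to `snaplen` bytes the way tcpdump -s <snaplen> would."""
    out = [struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)]  # linktype 1 = Ethernet
    for i, frame in enumerate(frames):
        captured = frame[:snaplen]
        # record header: ts_sec, ts_usec, included length, original length
        out.append(struct.pack("<IIII", 1_700_000_000 + i, 0, len(captured), len(frame)))
        out.append(captured)
    return b"".join(out)


def parse_frame(frame: bytes, truncated: bool) -> dict:
    """Pull L3/L4 header fields and whatever payload survived the snaplen."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800:
        return {"ethertype": ethertype, "truncated": truncated}
    ihl = (frame[ETHERNET_HDR_LEN] & 0x0F) * 4
    ip_hdr = frame[ETHERNET_HDR_LEN:ETHERNET_HDR_LEN + ihl]
    tcp_start = ETHERNET_HDR_LEN + ihl
    if len(frame) < tcp_start + TCP_HDR_LEN:
        return {"ethertype": ethertype, "truncated": True, "note": "TCP header incomplete"}
    sport, dport = struct.unpack("!HH", frame[tcp_start:tcp_start + 4])
    data_offset = (frame[tcp_start + 12] >> 4) * 4
    return {
        "src": ".".join(map(str, ip_hdr[12:16])),
        "dst": ".".join(map(str, ip_hdr[16:20])),
        "proto": ip_hdr[9],
        "sport": sport,
        "dport": dport,
        "payload": frame[tcp_start + data_offset:],
        "truncated": truncated,
    }


def read_pcap(data: bytes) -> list:
    """Walk the pcap records; a record whose incl_len < orig_len was cut short."""
    magic, _maj, _min, _tz, _sig, _snaplen, linktype = struct.unpack("<IHHiIII", data[:24])
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected a little-endian Ethernet pcap")
    records, off = [], 24
    while off + 16 <= len(data):
        _ts, _us, incl_len, orig_len = struct.unpack("<IIII", data[off:off + 16])
        off += 16
        records.append(parse_frame(data[off:off + incl_len], incl_len < orig_len))
        off += incl_len
    return records


if __name__ == "__main__":
    frame = build_frame(HTTP_REQUEST)
    for snaplen in (65535, HEADERS_ONLY_SNAPLEN):
        rec = read_pcap(write_pcap([frame], snaplen))[0]
        print(f"snaplen={snaplen}: {rec['src']}:{rec['sport']} -> {rec['dst']}:{rec['dport']} "
              f"truncated={rec['truncated']} payload={rec['payload']!r}")
```

With the 54-byte snaplen the parser still recovers addresses and ports, which is enough for flow or session records, but the HTTP request line is gone; the `incl_len < orig_len` check in `read_pcap` is the same signal Wireshark uses to flag a packet as "captured length less than frame length".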
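Question 27 asks which DNS header field identifies a message as a query or a response. RFC 1035 lays out the 12-byte header as ID, a 16-bit flags word (QR, Opcode, AA, TC, RD, RA, Z, RCODE) and four section counts. The Python decoder below is an added example, not taken from the page or from Cisco; the two header samples are constructed for it (transaction ID 0xabcd, one question, one answer in the response). It also flags header conditions an analyst would want to notice, such as reserved Z bits that are not zero.

```python
import struct

# Constructed samples: the 12-byte header of a query for one name (ID 0xabcd)
# and the header of the matching response carrying one answer record.
QUERY_HEADER = bytes.fromhex("abcd 0100 0001 0000 0000 0000")
RESPONSE_HEADER = bytes.fromhex("abcd 8180 0001 0001 0000 0000")


def build_header(ident: int, qr: int, opcode: int = 0, aa: int = 0, tc: int = 0,
                 rd: int = 1, ra: int = 0, z: int = 0, rcode: int = 0,
                 qdcount: int = 1, ancount: int = 0, nscount: int = 0, arcount: int = 0) -> bytes:
    """Assemble a DNS header; bit positions follow RFC 1035 section 4.1.1."""
    flags = ((qr & 1) << 15) | ((opcode & 0xF) << 11) | ((aa & 1) << 10) | ((tc & 1) << 9) \
        | ((rd & 1) << 8) | ((ra & 1) << 7) | ((z & 0x7) << 4) | (rcode & 0xF)
    return struct.pack("!HHHHHH", ident, flags, qdcount, ancount, nscount, arcount)


def decode_header(data: bytes) -> dict:
    """Split the first 12 bytes of a DNS message into named header fields."""
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", data[:12])
    qr = (flags >> 15) & 1
    return {
        "ID": ident,
        "QR": qr,                          # 0 = query, 1 = response
        "Opcode": (flags >> 11) & 0xF,     # 0 = standard query
        "AA": (flags >> 10) & 1,
        "TC": (flags >> 9) & 1,            # message truncated (UDP 512-byte limit)
        "RD": (flags >> 8) & 1,
        "RA": (flags >> 7) & 1,
        "Z": (flags >> 4) & 0x7,           # reserved, must be zero
        "RCODE": flags & 0xF,
        "QDCOUNT": qd, "ANCOUNT": an, "NSCOUNT": ns, "ARCOUNT": ar,
        "kind": "response" if qr else "query",
    }


def header_anomalies(hdr: dict) -> list:
    """Header-level conditions worth a second look during PCAP triage."""
    reasons = []
    if hdr["Z"] != 0:
        reasons.append("Z bits set (RFC 1035 requires them to be zero)")
    if hdr["TC"]:
        reasons.append("TC set: answer was truncated, client should retry over TCP")
    if hdr["kind"] == "response" and hdr["QDCOUNT"] == 0:
        reasons.append("response without a question section")
    if hdr["kind"] == "query" and hdr["ANCOUNT"]:
        reasons.append("query carrying answer records")
    return reasons


if __name__ == "__main__":
    for raw in (QUERY_HEADER, RESPONSE_HEADER):
        hdr = decode_header(raw)
        print(f"ID=0x{hdr['ID']:04x} {hdr['kind']:8} QR={hdr['QR']} RD={hdr['RD']} "
              f"RA={hdr['RA']} TC={hdr['TC']} Z={hdr['Z']} RCODE={hdr['RCODE']} "
              f"QD={hdr['QDCOUNT']} AN={hdr['ANCOUNT']} anomalies={header_anomalies(hdr)}")
```

Note that the ID is the same in both samples: it ties a response to the query that caused it but says nothing about direction, and TC only reports truncation. Only the QR bit tells the parser which way the message is going.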
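Question 28 is about how a quantifier binds to a group: in `c(rgr)+e` the `+` means one or more repetitions of the whole group `rgr`, and the parentheses and `+` are metacharacters rather than literal text. The Python example below is added here and is not from the page; it checks the four candidate strings plus two constructed extras, contrasts anchored matching (`re.fullmatch`) with the grep-style search an analyst usually runs over logs, and shows the variants (`*`, escaped parentheses, escaped `+`) that would make the other candidates match.

```python
import re

# The four candidate strings from the question plus two constructed extras:
# a single repetition of the group, and a log-like line with a match inside it.
CANDIDATES = ["c(rgr)e", "crgrrgre", "crgr+e", "ce", "crgre", "login crgrrgre ok"]
PATTERN = r"c(rgr)+e"


def matches_whole(pattern: str, text: str) -> bool:
    """True when the pattern consumes the entire string (re.fullmatch)."""
    return re.fullmatch(pattern, text) is not None


def classify(pattern: str, candidates) -> dict:
    """For each candidate: (matches as a whole string, pattern occurs anywhere inside)."""
    rx = re.compile(pattern)
    return {s: (rx.fullmatch(s) is not None, rx.search(s) is not None) for s in candidates}


def grep(pattern: str, lines) -> list:
    """grep-style filter: keep the lines in which the pattern occurs anywhere."""
    rx = re.compile(pattern)
    return [line for line in lines if rx.search(line)]


# Variants that change which candidate matches; each is commented with the
# reason so the quantifier and escaping rules are visible side by side.
VARIANTS = {
    r"c(rgr)+e": "one or more 'rgr' between c and e",
    r"c(rgr)*e": "zero or more 'rgr', so the bare 'ce' also matches",
    r"c\(rgr\)e": "parentheses escaped, so they are literal characters",
    r"crgr\+e": "plus escaped, so it is a literal '+'",
}


if __name__ == "__main__":
    for pattern, why in VARIANTS.items():
        whole = [s for s, (full, _) in classify(pattern, CANDIDATES).items() if full]
        print(f"{pattern:12} fullmatch -> {whole}  ({why})")
    print("grep-style hits for", PATTERN, "->", grep(PATTERN, CANDIDATES))
```

The practical point for SIEM or IDS rules: a search-style match will fire on `login crgrrgre ok` even though the whole line does not match, so anchor the expression (`^...$` or `fullmatch`) when the intent is to match a complete field rather than a substring.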

Tips on How to Prepare for the Exams

Certification exams are increasingly required by employers when you apply for a job. How can you prepare for the exam effectively, in a short time and with less effort, achieve a good result and find reliable resources? On Vcedump.com you will find the answers. Vcedump.com provides not only Cisco exam questions, answers and explanations but also complete assistance with exam preparation and the certification application. If you are unsure about your 200-201 exam preparation or Cisco certification application, do not hesitate to visit Vcedump.com to find your solutions.