Before you write the Cisco CyberOps Associate (200-201) certification exam, you may have certain doubts in your mind regarding the pattern of the test, the types of questions asked in it, the difficulty level of the questions and time required to complete the questions. These Cisco Certified CyberOps Associate (CBROPS) sample questions and demo exam help you in removing these doubts and prepare you to take the test.
The best approach to pass your Cisco 200-201 exam is to challenge and improve your knowledge. To test your learning and identify improvement areas with actual exam format, we suggest you practice with Premium Cisco 200-201 Certification Practice Exam. The practice test is one of the most important elements of your Threat Hunting and Defending using Cisco Technologies for CyberOps (CBROPS) exam study strategy to discover your strengths and weaknesses, to improve your time management skills and to get an idea of the score you can expect.
Cisco 200-201 (CBROPS) Sample Questions:
01. How does an attacker observe network traffic exchanged between two users?
a) port scanning
c) command injection
d) denial of service
02. When TCP packet is sent to an open port with the SYN flag set, what response would be expected from the open port?
a) a packet with the SYN and ACK flags set
b) a packet with an RST flag
c) no response
d) a packet with the ACK flag set
03. A user received a malicious attachment but did not run it. Which category classifies the intrusion?
04. Cisco Active Threat Analysis is an example of which of the following?
c) Coordination centers
d) National CSIRT
05. While viewing packet capture data, an analyst sees that one IP is sending and receiving traffic for multiple devices by modifying the IP header.
Which technology makes this behavior possible?
06. An investigator is examining a copy of an ISO file that is stored in CDFS format. What type of evidence is this file?
a) data from a CD copied using Mac-based system
b) data from a CD copied using Linux system
c) data from a DVD copied using Windows system
d) data from a CD copied using Windows
07. What are two differences in how tampered and untampered disk images affect a security incident?
a) Untampered images are used in the security investigation process
b) Tampered images are used in the security investigation process
c) The image is tampered if the stored hash and the computed hash match
d) Tampered images are used in the incident recovery process
e) The image is untampered if the stored hash and the computed hash match
08. Which of the following CVSS scores measures the extent to which the information resource can be changed due to an attack?
d) Attack vector
09. You are assessing application or service availability with a port scan. All services use default ports. This is an example of what type of exploit analysis?
10. When the facility has a fence, guards, a locked front door and locked interior doors, it called what?
b) separation of duties
c) defense in depth
Answer: b, e
Note: If you find any error in these Threat Hunting and Defending using Cisco Technologies for CyberOps (CBROPS) sample questions, you can update us by write an email on firstname.lastname@example.org.