Implementing Cisco Cybersecurity Operations v9.2

Page:    1 / 6   
Exam contains 80 questions

Which of the following steps in the kill chain would come before the others?

  • A. C2
  • B. Delivery
  • C. Installation
  • D. Exploitation

Answer : B

Refer to the Exhibit. A customer reports that they cannot access your organization's website. Which option is a possible reason that the customer cannot access the website?

  • A. The server at is using up too much bandwidth causing a denial-of-service.
  • B. The server at has a virus.
  • C. A vulnerability scanner has shown that has been compromised.
  • D. Web traffic sent from has been identified as malicious by Internet sensors.

Answer : C

Which option has a drastic impact on network traffic because it can cause legitimate traffic to be blocked?

  • A. true positive
  • B. true negative
  • C. false positive
  • D. false negative

Answer : C

What information from HTTP logs can be used to find a threat actor?

  • A. referer
  • B. IP address
  • C. user-agent
  • D. URL

Answer : C

Which option filters a LibPCAP capture that used a host as a gateway?

  • A. [tcp|udp] [src|dst] port <port>
  • B. [src|dst] net <net> [{mask <mask>}|{len <len>}]
  • C. ether [src|dst] host <ehost>
  • D. gateway host <host>

Answer : D

From a security perspective, why is it important to employ a clock synchronization protocol on a network?

  • A. so that everyone knows the local time
  • B. to ensure employees adhere to work schedules
  • C. to construct an accurate timeline of events when responding to an incident
  • D. to guarantee that updates are pushed out according to schedule

Answer : A

Which option allows a file to be extracted from a TCP stream within Wireshark?

  • A. File > Export Objects
  • B. Analyze > Extract
  • C. Tools > Export > TCP
  • D. View > Extract

Answer : A

Which feature is used to find possible vulnerable services running on a server?

  • A. CPU utilization
  • B. security policy
  • C. temporary internet files
  • D. listening ports

Answer : D

Which two HTTP header fields relate to intrusion analysis? (Choose two.)

  • A. user-agent
  • B. host
  • C. connection
  • D. language
  • E. handshake type

Answer : B,C

Drag and drop the elements of incident handling from the left into the correct order on the right.

Answer :

Preparation
Detection and analysis
Containment, eradication and recovery
Post incident analysis

In the context of incident handling phases, which two activities fall under scoping? (Choose two.)

  • A. determining the number of attackers that are associated with a security incident
  • B. ascertaining the number and types of vulnerabilities on your network
  • C. identifying the extent that a security incident is impacting protected resources on the network
  • D. determining what and how much data may have been affected
  • E. identifying the attackers that are associated with a security incident

Answer : D,E

Which of the following is an example of a coordination center?

  • A. Cisco PSIRT
  • B. Microsoft MSRC
  • C. CERT division of the Software Engineering Institute (SEI)
  • D. FIRST

Answer : C

You see 100 HTTP GET and POST requests for various pages on one of your webservers. The user agent in the requests contains PHP code that, if executed, creates and writes to a new PHP file on the webserver. Which category does this event fall under as defined in the Diamond Model of Intrusion?

  • A. delivery
  • B. reconnaissance
  • C. action on objectives
  • D. installation
  • E. exploitation

Answer : D

Which data type is protected under the PCI compliance framework?

  • A. credit card type
  • B. primary account number
  • C. health conditions
  • D. provision of individual care

Answer : A

Which kind of evidence can be considered most reliable to arrive at an analytical assertion?

  • A. direct
  • B. corroborative
  • C. indirect
  • D. circumstantial
  • E. textual

Answer : A
