200-201 Free Practice Test

What describes the defense-m-depth principle?

1. A. defining precise guidelines for new workstation installations
2. B. categorizing critical assets within the organization
3. C. isolating guest Wi-Fi from the focal network
4. D. implementing alerts for unexpected asset malfunctions

Correct Answer: B

A user received a malicious attachment but did not run it. Which category classifies the intrusion?

1. A. weaponization
2. B. reconnaissance
3. C. installation
4. D. delivery

Correct Answer: D

Refer to the exhibit.

An engineer received a ticket about a slowed-down web application The engineer runs the #netstat -an command. How must the engineer interpret the results?

1. A. The web application is receiving a common, legitimate traffic
2. B. The engineer must gather more data.
3. C. The web application server is under a denial-of-service attack.
4. D. The server is under a man-in-the-middle attack between the web application and its database

Correct Answer: C

A security engineer deploys an enterprise-wide host/endpoint technology for all of the company's corporate PCs. Management requests the engineer to block a selected set of applications on all PCs. Which technology should be used to accomplish this task?

1. A. application whitelisting/blacklisting
2. B. network NGFW
3. C. host-based IDS
4. D. antivirus/antispyware software

Correct Answer: A

What is the difference between inline traffic interrogation and traffic mirroring?

1. A. Inline interrogation is less complex as traffic mirroring applies additional tags to data.
2. B. Traffic mirroring copies the traffic rather than forwarding it directly to the analysis tools
3. C. Inline replicates the traffic to preserve integrity rather than modifying packets before sending them to other analysis tools.
4. D. Traffic mirroring results in faster traffic analysis and inline is considerably slower due to latency.

Correct Answer: A