Online Access Free Cisco.200-201.v2024-06-02.q207 Practice Test (Page 28)

200-201 Exam Question 131

What are two differences in how tampered and untampered disk images affect a security incident? (Choose two.)

A.Untampered images are used in the security investigation process

B.Tampered images are used in the security investigation process

C.The image is tampered if the stored hash and the computed hash match

D.Tampered images are used in the incident recovery process

E.The image is untampered if the stored hash and the computed hash match

200-201 Exam Question 132

Refer to the exhibit.

What is the potential threat identified in this Stealthwatch dashboard?

A.A policy violation is active for host 10.10.101.24.

B.A policy violation is active for host 10.201.3.149.

C.There are two active data exfiltration alerts.

D.A host on the network is sending a DDoS attack to another inside host.

200-201 Exam Question 133

Which two elements are assets in the role of attribution in an investigation? (Choose two.)

A.laptop

B.firewall logs

C.context

D.session

E.threat actor

200-201 Exam Question 134

An analyst is using the SIEM platform and must extract a custom property from a Cisco device and capture the phrase, "File: Clean." Which regex must the analyst import?

A.File: Clean (.*)

B.^Parent File Clean$

C.File: Clean

D.^File: Clean$

200-201 Exam Question 135

An engineer discovered a breach, identified the threat's entry point, and removed access. The engineer was able to identify the host, the IP address of the threat actor, and the application the threat actor targeted. What is the next step the engineer should take according to the NIST SP 800-61 Incident handling guide?

A.Recover from the threat.

B.Analyze the threat.

C.Identify lessons learned from the threat.

D.Reduce the probability of similar threats.

Other Version: 1018Cisco.200-201.v2025-07-31.q155; 1601Cisco.200-201.v2025-02-28.q243; 106Cisco.Testkingpdf.200-201.v2022-03-05.by.mavis.130q.pdf; 3375Cisco.200-201.v2022-02-15.q130; 2615Cisco.200-201.v2022-01-19.q100; 113Cisco.Braindumpspass.200-201.v2021-08-02.by.angela.102q.pdf

Latest Upload: 123Microsoft.AB-731.v2026-06-19.q23; 246IIA.IIA-CIA-Part2.v2026-06-19.q308; 154DAMA.MD-1220.v2026-06-19.q66; 153ISTQB.CT-AI.v2026-06-18.q68; 243IIA.IIA-CIA-Part3.v2026-06-17.q220; 167WGU.Introduction-to-IT.v2026-06-17.q67; 219CompTIA.220-1202.v2026-06-16.q110; 140TheInstitutes.CPCU-500.v2026-06-16.q25; 220ACAMS.CAMS7-CN.v2026-06-16.q170; 277CBIC.CIC.v2026-06-15.q123

200-201 Exam Question 131

200-201 Exam Question 132

200-201 Exam Question 133

200-201 Exam Question 134

200-201 Exam Question 135

Download PDF File