Online Access Free Cisco.200-201.v2024-06-02.q207 Practice Test (Page 37)

200-201 Exam Question 176

What is the difference between deep packet inspection and stateful inspection?

A.Stateful inspection is more secure than deep packet inspection on Layer 7.

B.Stateful inspection verifies contents at Layer 4. and deep packet inspection verifies connection at Layer
7.

C.Deep packet inspection allows visibility on Layer 7, and stateful inspection allows visibility on Layer 4.

D.Deep packet inspection is more secure than stateful inspection on Layer 4.

200-201 Exam Question 177

What is a difference between SIEM and SOAR?

A.SOAR's primary function is to collect and detect anomalies, while SIEM is more focused on security operations automation and response.

B.SlEM's primary function is to collect and detect anomalies, while SOAR is more focused on security operations automation and response.

C.SIEM predicts and prevents security alerts, while SOAR checks attack patterns and applies the mitigation.

D.SOAR predicts and prevents security alerts, while SIEM checks attack patterns and applies the mitigation.

200-201 Exam Question 178

What is a difference between tampered and untampered disk images?

A.Tampered images are used as evidence.

B.Tampered images have the same stored and computed hash.

C.Untampered images are used for forensic investigations.

D.Untampered images are deliberately altered to preserve as evidence.

200-201 Exam Question 179

An analyst received an alert on their desktop computer showing that an attack was successful on the host.
After investigating, the analyst discovered that no mitigation action occurred during the attack. What is the reason for this discrepancy?

A.The computer has a HIPS installed on it.

B.The computer has a NIPS installed on it.

C.The computer has a NIDS installed on it.

D.The computer has a HIDS installed on it.

200-201 Exam Question 180

After a large influx of network traffic to externally facing devices, a security engineer begins investigating what appears to be a denial of service attack When the packet capture data is reviewed, the engineer notices that the traffic is a single SYN packet to each port Which type of attack is occurring?

A.traffic fragmentation

B.port scanning

C.host profiling

D.SYN flood

Other Version: 1023Cisco.200-201.v2025-07-31.q155; 1626Cisco.200-201.v2025-02-28.q243; 106Cisco.Testkingpdf.200-201.v2022-03-05.by.mavis.130q.pdf; 3381Cisco.200-201.v2022-02-15.q130; 2616Cisco.200-201.v2022-01-19.q100; 113Cisco.Braindumpspass.200-201.v2021-08-02.by.angela.102q.pdf

Latest Upload: 138VMware.3V0-21.25.v2026-06-20.q29; 136Microsoft.AB-731.v2026-06-19.q23; 275IIA.IIA-CIA-Part2.v2026-06-19.q308; 166DAMA.MD-1220.v2026-06-19.q66; 162ISTQB.CT-AI.v2026-06-18.q68; 268IIA.IIA-CIA-Part3.v2026-06-17.q220; 186WGU.Introduction-to-IT.v2026-06-17.q67; 262CompTIA.220-1202.v2026-06-16.q110; 149TheInstitutes.CPCU-500.v2026-06-16.q25; 235ACAMS.CAMS7-CN.v2026-06-16.q170

200-201 Exam Question 176

200-201 Exam Question 177

200-201 Exam Question 178

200-201 Exam Question 179

200-201 Exam Question 180

Download PDF File