Online Access Free Cisco.200-201.v2024-06-02.q207 Practice Test (Page 7)

200-201 Exam Question 26

Which type of evidence supports a theory or an assumption that results from initial evidence?

A.probabilistic

B.indirect

C.best

D.corroborative

200-201 Exam Question 27

Drag and drop the type of evidence from the left onto the description of that evidence on the right.

200-201 Exam Question 28

A SOC analyst detected connections to known C&C and port scanning activity to main HR database servers from one of the HR endpoints via Cisco StealthWatch. What are the two next steps of the SOC team according to the NISTSP800-61 incident handling process? (Choose two)

A.Isolate affected endpoints and take disk images for analysis

B.Provide security awareness training to HR managers and employees

C.Block connection to this C&C server on the perimeter next-generation firewall

D.Update antivirus signature databases on affected endpoints to block connections to C&C

E.Detect the attack vector and analyze C&C connections

200-201 Exam Question 29

What is the difference between inline traffic interrogation (TAPS) and traffic mirroring (SPAN)?

A.TAPS replicates the traffic to preserve integrity, and SPAN modifies packets before sending them to other analysis tools

B.SPAN ports filter out physical layer errors, making some types of analyses more difficult, and TAPS receives all packets, including physical errors.

C.SPAN results in more efficient traffic analysis, and TAPS is considerably slower due to latency caused by mirroring.

D.TAPS interrogation is more complex because traffic mirroring applies additional tags to data and SPAN does not alter integrity and provides full duplex network.

200-201 Exam Question 30

What is the virtual address space for a Windows process?

A.set of pages that reside in the physical memory

B.physical location of an object in memory

C.set of virtual memory addresses that can be used

D.system-level memory protection feature built into the operating system

Other Version: 1017Cisco.200-201.v2025-07-31.q155; 1595Cisco.200-201.v2025-02-28.q243; 106Cisco.Testkingpdf.200-201.v2022-03-05.by.mavis.130q.pdf; 3375Cisco.200-201.v2022-02-15.q130; 2614Cisco.200-201.v2022-01-19.q100; 113Cisco.Braindumpspass.200-201.v2021-08-02.by.angela.102q.pdf

Latest Upload: 122Microsoft.AB-731.v2026-06-19.q23; 224IIA.IIA-CIA-Part2.v2026-06-19.q308; 149DAMA.MD-1220.v2026-06-19.q66; 125ISTQB.CT-AI.v2026-06-18.q68; 242IIA.IIA-CIA-Part3.v2026-06-17.q220; 165WGU.Introduction-to-IT.v2026-06-17.q67; 206CompTIA.220-1202.v2026-06-16.q110; 138TheInstitutes.CPCU-500.v2026-06-16.q25; 219ACAMS.CAMS7-CN.v2026-06-16.q170; 272CBIC.CIC.v2026-06-15.q123

200-201 Exam Question 26

200-201 Exam Question 27

200-201 Exam Question 28

200-201 Exam Question 29

200-201 Exam Question 30

Download PDF File