200-201 Exam Question 101

Refer to the exhibit.

A network administrator is investigating suspicious network activity by analyzing captured traffic. An engineer notices abnormal behavior and discovers that the default user agent is present in the headers of requests and data being transmitted What is occurring?
  • 200-201 Exam Question 102

    A software development company develops high-end technology for the customer that will go through the HIPAA audit program. The technology will be hosted in the cloud, and the healthcare, employee names, and contact information will be stored on two separate logically isolated private cloud services. The patents and inventions will be hosted on a separate encrypted database. A compliance team is asked to analyze the cloud infrastructure and architecture to identify the protected data. Which two types of protected data should be identified? (Choose two.)
  • 200-201 Exam Question 103

    Which technique is a low-bandwidth attack?
  • 200-201 Exam Question 104

    An engineer must analyze a security event from last month. The engineer has access to a .pcap file collected via traffic mirroring and NetFlow data. The engineer must perform checks quickly on a busy network segment without prior knowledge of the incident details. Which source of data should be used for analysis?
  • 200-201 Exam Question 105

    What are the two differences between vulnerability and exploit? (Choose two.)