- A rogue device has been detected on a network. Which of the following can be used to help determine the type or vendor of the device?
A. IP address
B. Service port number
C. MAC address
D. All of the above
- A security professional suspects that the ARP cache of a host system was compromised. Which of the following commands can be used to show the ARP entries?
A.
arp -a
B.
ipconfig
C.
ifconfig
D.
netstat -ano
- An attacker was able to perform a man-in-the-middle attack and retrieved a victim's user credentials. Which of the following protocols was the victim most likely using?
A. S/MIME
B. HTTPS
C. SMTP
D. FTPS
- An attacker was able to redirect users to a malware-infected web server whenever they visited the URL
http://www.server.local
. Which of the following protocols was compromised?A. ICMP
B. IP
C. ARP
D. DNS
- Which of the following is not a threat identification method that's used by an Intrusion Prevention System (IPS)?
A. Algorithm-based
B. Global...
Cisco Certified CyberOps Associate 200-201 Certification Guide
By :
Cisco Certified CyberOps Associate 200-201 Certification Guide
By:
Overview of this book
Achieving the Cisco Certified CyberOps Associate 200-201 certification helps you to kickstart your career in cybersecurity operations. This book offers up-to-date coverage of 200-201 exam resources to fully equip you to pass on your first attempt.
The book covers the essentials of network security concepts and shows you how to perform security threat monitoring. You'll begin by gaining an in-depth understanding of cryptography and exploring the methodology for performing both host and network-based intrusion analysis. Next, you'll learn about the importance of implementing security management and incident response strategies in an enterprise organization. As you advance, you'll see why implementing defenses is necessary by taking an in-depth approach, and then perform security monitoring and packet analysis on a network. You'll also discover the need for computer forensics and get to grips with the components used to identify network intrusions. Finally, the book will not only help you to learn the theory but also enable you to gain much-needed practical experience for the cybersecurity industry.
By the end of this Cisco cybersecurity book, you'll have covered everything you need to pass the Cisco Certified CyberOps Associate 200-201 certification exam, and have a handy, on-the-job desktop reference guide.
Table of Contents (25 chapters)
Preface
Section 1: Network and Security Concepts
Free Chapter
Chapter 1: Exploring Networking Concepts
Chapter 2: Exploring Network Components and Security Systems
Chapter 3: Discovering Security Concepts
Section 2: Principles of Security Monitoring
Chapter 4: Understanding Security Principles
Chapter 5: Identifying Attack Methods
Chapter 6: Working with Cryptography and PKI
Section 3: Host and Network-Based Analysis
Chapter 7: Delving into Endpoint Threat Analysis
Chapter 8: Interpreting Endpoint Security
Chapter 9: Exploring Computer Forensics
Chapter 10: Performing Intrusion Analysis
Section 4: Security Policies and Procedures
Chapter 11: Security Management Techniques
Chapter 12: Dealing with Incident Response
Chapter 13: Implementing Incident Handling
Chapter 14: Implementing Cisco Security Solutions
Chapter 15: Working with Cisco Security Solutions
Chapter 16: Real-World Implementation and Best Practices
Chapter 17: Mock Exam 1
Chapter 18: Mock Exam 2
Assessment
Customer Reviews