200-201 Free Practice Test

Which two elements of the incident response process are stated in NIST SP 800-61 r2? (Choose two.)

1. A. detection and analysis
2. B. post-incident activity
3. C. vulnerability scoring
4. D. vulnerability management
5. E. risk assessment

Correct Answer: AB

The security team has detected an ongoing spam campaign targeting the organization. The team's approach is to push back the cyber kill chain and mitigate ongoing incidents. At which phase of the cyber kill chain should the security team mitigate this type of attack?

1. A. actions
2. B. delivery
3. C. reconnaissance
4. D. installation

Correct Answer: B

Refer to the exhibit.

What is depicted in the exhibit?

1. A. Windows Event logs
2. B. Apache logs
3. C. IIS logs
4. D. UNIX-based syslog

Correct Answer: B

Refer to the exhibit.

Drag and drop the element name from the left onto the correct piece of the PCAP file on the right.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

An engineer needs to configure network systems to detect command and control communications by decrypting ingress and egress perimeter traffic and allowing network security devices to detect malicious outbound communications. Which technology should be used to accomplish the task?

1. A. digital certificates
2. B. static IP addresses
3. C. signatures
4. D. cipher suite

Correct Answer: A