200-201 Free Practice Test

Refer to the exhibit.

In which Linux log file is this output found?

1. A. /var/log/authorization.log
2. B. /var/log/dmesg
3. C. var/log/var.log
4. D. /var/log/auth.log

Correct Answer: D

Refer to the exhibit.

A workstation downloads a malicious docx file from the Internet and a copy is sent to FTDv. The FTDv sends the file hash to FMC and the tile event is recorded What would have occurred with stronger data visibility?

1. A. The traffic would have been monitored at any segment in the network.
2. B. Malicious traffic would have been blocked on multiple devices
3. C. An extra level of security would have been in place
4. D. Detailed information about the data in real time would have been provided

Correct Answer: B

What specific type of analysis is assigning values to the scenario to see expected outcomes?

1. A. deterministic
2. B. exploratory
3. C. probabilistic
4. D. descriptive

Correct Answer: A

Which data type is necessary to get information about source/destination ports?

1. A. statistical data
2. B. session data
3. C. connectivity data
4. D. alert data

Correct Answer: B
Session data provides information about the five tuples; source IP address/port number, destination IP address/port number and the protocol
What is Connectivity Data? According to IBM - Connectivity data defines how entities are connected in the network. It includes connections between different devices, and VLAN-related connections within the same
device https://www.ibm.com/docs/en/networkmanager/4.2.0?topic=relationships-connectivity-data

Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?

1. A. decision making
2. B. rapid response
3. C. data mining
4. D. due diligence

Correct Answer: D