200-201 Free Practice Test

Which data type is necessary to get information about source/destination ports?

1. A. statistical data
2. B. session data
3. C. connectivity data
4. D. alert data

Correct Answer: B
Session data provides information about the five tuples; source IP address/port number, destination IP address/port number and the protocol
What is Connectivity Data? According to IBM - Connectivity data defines how entities are connected in the network. It includes connections between different devices, and VLAN-related connections within the same
device https://www.ibm.com/docs/en/networkmanager/4.2.0?topic=relationships-connectivity-data

Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?

1. A. decision making
2. B. rapid response
3. C. data mining
4. D. due diligence

Correct Answer: D

Which type of evidence supports a theory or an assumption that results from initial evidence?

1. A. probabilistic
2. B. indirect
3. C. best
4. D. corroborative

Correct Answer: D
Corroborating evidence (or corroboration) is evidence that tends to support a theory or an assumption deduced by some initial evidence. This corroborating evidence confirms the proposition. Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide

What is the difference between discretionary access control (DAC) and role-based access control (RBAC)?

1. A. DAC requires explicit authorization for a given user on a given object, and RBAC requires specific conditions.
2. B. RBAC access is granted when a user meets specific conditions, and in DAC, permissions are applied on user and group levels.
3. C. RBAC is an extended version of DAC where you can add an extra level of authorization based on time.
4. D. DAC administrators pass privileges to users and groups, and in RBAC, permissions are applied to specific groups

Correct Answer: A

What is a difference between an inline and a tap mode traffic monitoring?

1. A. Inline monitors traffic without examining other devices, while a tap mode tags traffic and examines the data from monitoring devices.
2. B. Tap mode monitors traffic direction, while inline mode keeps packet data as it passes through the monitoring devices.
3. C. Tap mode monitors packets and their content with the highest speed, while the inline mode draws a packet path for analysis.
4. D. Inline mode monitors traffic path, examining any traffic at a wire speed, while a tap mode monitors traffic as it crosses the network.

Correct Answer: D