200-201 Free Practice Test

What is the difference between the rule-based detection when compared to behavioral detection?

1. A. Rule-Based detection is searching for patterns linked to specific types of attacks, while behavioral is identifying per signature.
2. B. Rule-Based systems have established patterns that do not change with new data, while behavioral changes.
3. C. Behavioral systems are predefined patterns from hundreds of users, while Rule-Based only flags potentially abnormal patterns using signatures.
4. D. Behavioral systems find sequences that match a particular attack signature, while Rule-Based identifies potential attacks.

Correct Answer: D

What is the difference between discretionary access control (DAC) and role-based access control (RBAC)?

1. A. DAC requires explicit authorization for a given user on a given object, and RBAC requires specific conditions.
2. B. RBAC access is granted when a user meets specific conditions, and in DAC, permissions are applied on user and group levels.
3. C. RBAC is an extended version of DAC where you can add an extra level of authorization based on time.
4. D. DAC administrators pass privileges to users and groups, and in RBAC, permissions are applied to specific groups

Correct Answer: A

According to the September 2020 threat intelligence feeds a new malware called Egregor was introduced and used in many attacks. Distnbution of Egregor is pnmanly through a Cobalt Strike that has been installed on victim's workstations using RDP exploits Malware exfiltrates the victim's data to a command and control server. The data is used to force victims pay or lose it by publicly releasing it. Which type of attack is described?

1. A. malware attack
2. B. ransomware attack
3. C. whale-phishing
4. D. insider threat

Correct Answer: B

During which phase of the forensic process is data that is related to a specific event labeled and recorded to preserve its integrity?

1. A. examination
2. B. investigation
3. C. collection
4. D. reporting

Correct Answer: C

How does an attack surface differ from an attack vector?

1. A. An attack vector recognizes the potential outcomes of an attack, and the attack surface is choosing a method of an attack.
2. B. An attack surface identifies vulnerable parts for an attack, and an attack vector specifies which attacks are feasible to those parts.
3. C. An attack surface mitigates external vulnerabilities, and an attack vector identifies mitigation techniques and possible workarounds.
4. D. An attack vector matches components that can be exploited, and an attack surface classifies the potential path for exploitation

Correct Answer: B