Question No. 1

Refer to the exhibit.

An engineer is analyzing this Cuckoo Sandbox report for a PDF file that has been downloaded from an email. What is the state of this file?

AThe file has an embedded executable and was matched by PEiD threat signatures for further analysis.

BThe file has an embedded non-Windows executable but no suspicious features are identified.

CThe file has an embedded Windows 32 executable and the Yara field lists suspicious features for further analysis.

DThe file was matched by PEiD threat signatures but no suspicious features are identified since the signature list is up to date.

Show Answer

Correct Answer: C

Question No. 2

An engineer is analyzing a recent breach where confidential documents were altered and stolen by the receptionist. Further analysis shows that the threat actor connected an externa USB device to bypass security restrictions and steal dat

a. The engineer could not find an external USB device Which piece of information must an engineer use for attribution in an investigation?

Alist of security restrictions and privileges boundaries bypassed

Bexternal USB device

Creceptionist and the actions performed

Dstolen data and its criticality assessment

Show Answer

Correct Answer: C

In the context of a cybersecurity breach, attribution involves identifying the responsible party. Since the external USB device was not found, the focus shifts to the actions performed by the receptionist.Analyzing these actions can provide insights into how the breach occurred and may help in attributing the incident to the threat actor

Question No. 3

Which HTTP header field is used in forensics to identify the type of browser used?

Areferrer

Bhost

Cuser-agent

Daccept-language

Show Answer

Correct Answer: C

Theuser-agentHTTP header field is used in forensics to identify the type of browser used. It contains a characteristic string that allows network protocol peers to identify the operating system and browser of the web-server.This information is crucial in forensic analysis as it can provide insights into the client's environment1.

Question No. 4

Which two pieces of information are collected from the IPv4 protocol header? (Choose two.)

AUDP port to which the traffic is destined

BTCP port from which the traffic was sourced

Csource IP address of the packet

Ddestination IP address of the packet

EUDP port from which the traffic is sourced

Show Answer

Correct Answer: C, D

The IPv4 protocol header contains various fields that provide essential information for routing and delivery of packets across an IP network. Two key pieces of information collected from the IPv4 header are the source IP address and the destination IP address of the packet.These addresses are crucial for identifying where a packet is coming from and where it is intended to go12.

Question No. 5

Refer to the exhibit.

This request was sent to a web application server driven by a database. Which type of web server attack is represented?

Aparameter manipulation

Bheap memory corruption

Ccommand injection

Dblind SQL injection

Show Answer

Correct Answer: D

Free Cisco 200-201 Exam Actual Questions

The questions for 200-201 were last updated On Dec 17, 2024