Which piece of information is needed to search for additional downloads of this file by other hosts?
A malicious file has been identified in a sandbox analysis tool. Which piece of information is needed to search for additional downloads of this file by other hosts?
A. file header type
B. file size
C. file name
D. file hash value
Answer: D
Explanation: To search for additional downloads...
What is the difference between a threat and a risk?
What is the difference between a threat and a risk?
A. Threat represents a potential danger that could take advantage of a weakness in a system
B. Risk represents the known and identified loss or danger in the system
C. Risk represents the nonintentional interaction with uncertainty in the system
D...
What is causing the lack of data visibility needed to detect the attack?
An employee reports that someone has logged into their system and made unapproved changes, files are out of order, and several documents have been placed in the recycle bin. The security specialist reviewed the system logs, found nothing suspicious, and was not able to determine what occurred. The software is...
Which security principle requires more than one person to perform a critical task?
Which security principle requires more than one person to perform a critical task?
A. least privilege
B. need to know
C. separation of duties
D. due diligence
Answer: C
Explanation: Separation of duties is a security principle that requires more than one person to perform a critical task,...
What is a purpose of a vulnerability management framework?
What is a purpose of a vulnerability management framework?
A. identifies, removes, and mitigates system vulnerabilities
B. detects and removes vulnerabilities in source code
C. conducts vulnerability scans on the network
D. manages a list of reported vulnerabilities
Answer: A
Explanation: A vulnerability management framework is a set of processes...
Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?
Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?
A. decision making
B. rapid response
C. data mining
D. due diligence
Answer: A
Explanation: Decision making is a principle that guides an analyst to gather information relevant...
What is the relationship between a vulnerability and a threat?
What is the relationship between a vulnerability and a threat?
A. A threat exploits a vulnerability
B. A vulnerability is a calculation of the potential loss caused by a threat
C. A vulnerability exploits a threat
D. A threat is a calculation of the potential loss caused by a vulnerability
...
Which event is occurring?
Refer to the exhibit. Which event is occurring?
A. A binary named "submit" is running on VM cuckoo1.
B. A binary is being submitted to run on VM cuckoo1
C. A binary on VM cuckoo1 is being submitted for evaluation
D. A URL is being evaluated to see if it...
What is rule-based detection when compared to statistical detection?
What is rule-based detection when compared to statistical detection?
A. proof of a user's identity
B. proof of a user's action
C. likelihood of user's action
D. falsification of a user's identity
Answer: B
Explanation: Rule-based detection is a type of intrusion detection system (IDS) that uses predefined rules or...
Which attack is the network vulnerable to when a stream cipher like RC4 is used twice with the same key?
Which attack is the network vulnerable to when a stream cipher like RC4 is used twice with the same key?
A. forgery attack
B. plaintext-only attack
C. ciphertext-only attack
D. meet-in-the-middle attack
Answer: C
Explanation: When a stream cipher like RC4 is used twice with the same key, it becomes...