Cisco Certified Network Associate SECOPS

QuickStart is now offering assessment questions for Cisco Certified Network Associate SECOPS. Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take for Cisco Certified Network Associate SECOPS.

Which of the following are journaling file systems available with Windows or Linux?(Select 2 answers)

A. FAT32 and FAT: Incorrect.

B. Ext3 and Ext4 file systems: Correct!

C. NTFS: Correct!

D. Ext 2 and Ext: Incorrect.

What are the basic tenets of information security pertinent to forensics and information management?

A. Confidentiality, Integrity, and Availability: Correct!

B. Security, Integrity, and Availability: Incorrect.

C. Confidentiality, Intimacy, and Availability: Incorrect.

D. Secured Access, Network Connectivity, and Insights: Incorrect.

Arachni, Skipfish, and w3af are examples of what?

A. Web proxies: Incorrect.

B. Password crackers: Incorrect.

C. Security assessment tools: Incorrect.

D. Web application scanners: Correct!

A security researcher is assessing the security posture of the web servers in an organization's data center. The security researcher finds out that all these web servers are missing a critical security patch issued by the vendor. In this scenario, what has the security researcher found?

A. Vulnerability: Correct!

B. Threat: Incorrect.

C. Risk: Incorrect.

D. Exploit: Incorrect.

Which of the following data might be most interesting for threat actors from a profitability point of view?

A. Personally identifiable information (PII) such as HIPAA: Incorrect.

B. An organization’s intellectual property (IP): Incorrect.

C. Personal credit card data: Incorrect.

D. All of these answers are correct.: Correct!

Which of the following are objectives of the containment, eradication, and recovery phase of the incident response process?(Select 3 answers)

A. Implement a containment strategy.: Correct!

B. Perform event correlation.: Incorrect.

C. Identify the attacking hosts.: Correct!

D. The need for evidence preservation.: Correct!

Which of the following is not a part of a forensic investigation plan?

A. How to collect the evidence?: Incorrect.

B. How to safeguard the evidence?: Incorrect.

C. Who to submit the report to?: Correct!

D. WThe methodologies for analyzing the evidence: Incorrect.

Which of the following terms is used to describe the movement and location of physical evidence from the time it is obtained until the time it is presented in court?

A. Chain of custody: Correct!

B. Chain of evidence: Incorrect.

C. Chain of custodian: Incorrect.

D. Client victim chain: Incorrect.

What does the following figure represent?

A. Forensic chain of custody: Incorrect.

B. Order of volatility of the digital evidence: Correct!

C. Order in which a forensic examiner analyzes evidence: Incorrect.

D. The items/objects that must be captured from a cyber crime scene: Incorrect.

During a forensic exercise, which of the following must be addressed first when investigating a cyber crime?

A. Search and seizure of everything physically available at the crime scene: Incorrect.

B. Protection of data gathered: Incorrect.

C. Engagement of legal and other law agencies: Incorrect.

D. Collecting and securing the evidence: Correct!

In the context of digital forensics, which of the following statements is not true?

A. Chain of custody should be diligently followed to acquire, preserve, and safeguard the digital evidence.: Incorrect.

B. Apt measures must be taken during the analysis process to avoid any contamination of evidence.: Incorrect.

C. Always use the original digital evidence and not the duplicate copy, even if the duplicate copy is available for analysis.: Correct!

D. At all costs, safeguard the digital evidence from natural and human-induced disasters.: Incorrect.

An employee was convicted by an organization, for conducting corporate espionage using his personal mobile device. The device was taken into secure custody, pending analysis. Which of the following is the most appropriate methodology for mobile device forensic investigation?

A. The mobile should be switched off immediately to prevent its interaction with the surrounding environment.: Incorrect.

B. To steer clear of unwanted interactions with any wireless devices, such as Bluetooth and Wi-Fi, the radios of the mobile should be turned off.: Incorrect.

C. The mobile should be returned to its owner as there is no judicial custody on the same.: Incorrect.

D. If the mobile's display is switched on, the screen's contents should be photographed. The details such as the time of calls, emails, and other application information should be captured.: Correct!

Which dashboard shown in the following figure displays the threats from various geographical regions?

A. Cisco AMP: Incorrect.

B. Cuckoo Sandbox: Incorrect.

C. Cisco Senderbase.org: Incorrect.

D. Cisco FMC: Correct!

What does the regex \b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b match against?(Select 2 answers)

A. a.b.c.d: Incorrect.

B. g.1.g.1: Incorrect.

C. 192.168.1.1: Correct!

D. 192.168.100.10: Correct!

The following figure shows a Wireshark pcap analysis. What can be inferred from this pcap file relevant to DNS traffic?

A. The DNS packets are malformed indicating the presence of DNS tunneling traffic.: Correct!

B. This file displays DNS and UDP traffic.: Incorrect.

C. DNS packets are being sent from one private IP to another private IP.: Incorrect.

D. The DNS protocol is working as usual and using default UDP for transportation.: Incorrect.

Which of the following regex will match the hexadecimal expression #e3b103?

A. /^!?([a-b0-9]{3}|[a-f0-9]{3})$/: Incorrect.

B. /^#?([a-f0-9]{6}|[a-f0-9]{3})$/: Correct!

C. /^#?([a-f0-9]{5}|[a-f0-9]{3})$/: Incorrect.

D. /^#?([a-f0-9]{3}|[a-f0-9]{2})$/: Incorrect.

What is represented by the ? in the following figure in context to security events?

A. Security frameworks: Incorrect.

B. Security processes: Correct!

C. Security artifacts: Incorrect.

D. Malware inspection: Incorrect.

The following figure illustrates Cisco Wireless Lan Controller (WLC) logs. What can be inferred from this log file?

A. The WLC has disassociated the client with IP address 10.20.203.101 in response to the Cisco ASA block.: Incorrect.

B. The WLC has shunned the client with IP address 10.20.203.101 in response to the Cisco ASA shun: Incorrect.

C. The WLC has excluded the client with IP address 10.20.203.101 in response to an IDS shun event.: Correct!

D. The WLC has allowed the client with IP address 10.20.203.101 in response to the Cisco ISE security group tags.: Incorrect.

What does the following figure illustrate?

A. NetFlow v7 export packet: Incorrect.

B. NetFlow v9 header format: Correct!

C. NetFlow v9 record format: Incorrect.

D. NetFlow v1 header format: Incorrect.

What does the following IOS configuration enable?

A. NetFlow v1 export format: Incorrect.

B. Flexible NetFlow IPFIX export format: Correct!

C. NetFlow v5 header format: Incorrect.

D. Flexible NetFlow IPFIX IP flow information Format: Incorrect.

DDoS attacks are often used maliciously to consume the resources of your hosts and network that would otherwise be used to serve legitimate users. Which of the following can be used as a tool for detecting traffic anomalies?

A. Antivirus software: Incorrect.

B. NetFlow: Correct!

C. Cisco ASA: Incorrect.

D. Kill Chain: Incorrect.

The following figure illustrates a NetFlow traffic capture using NfSen. What can be inferred about the traffic flow illustrated?

A. The graph displays normal traffic flow: Incorrect.

B. The graph displays anomalous UDP traffic flow.: Correct!

C. The graph displays normal UDP traffic flow.: Incorrect.

D. The graph displays TCP, ICMP, and other protocols in line to traffic flows.: Incorrect.

Which Cisco product boasts the following dashboard?

A. Cisco SDM: Incorrect.

B. Cisco Lancope StealthWatch: Correct!

C. Cisco ASDM: Incorrect.

D. Cisco Senderbase.org: Incorrect.

NetFlow is used for which of the following purposes?

A. Collecting logs for troubleshooting the network devices: Incorrect.

B. To capture information on the types of traffic traversing the network: Correct!

C. To oversee the packet flows on the network: Incorrect.

D. To gather inventory, that is, IDs, serial numbers, version details of routers, servers, switches, and so on: Incorrect.

Which NIST publication addresses the incident response process in line with statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347?

A. 800-43: Incorrect.

B. 800-61: Correct!

C. 800-37: Incorrect.

D. 800-54: Incorrect.

Which of the following is the main goal of a security awareness program? And during which phase of the incident response process would developing a user awareness program be useful?

A. It provides a forum for discussing exposure and associated risk analysis. The user awareness training is part of the preparation phase.: Incorrect.

B. It provides a clear understanding of potential risk and exposure. The user awareness training is part of the preparation phase.: Correct!

C. It provides a forum to communicate user responsibilities. The user awareness training is part of the preparation phase.: Incorrect.

D. It provides a clear understanding of potential risk and exposure. The user awareness training is part of the containment, eradication, and recovery phase.: Incorrect.

It is important that information about a Cyber crime investigation be?

A. Contained and destroyed as soon after trial as possible: Incorrect.

B. Kept limited to as few people as possible: Correct!

C. Reviewed by executive management before being released to the public: Incorrect.

D. Backed up to a safe system to ensure availability: Incorrect.

An organization is investigating an occurrence of a possible breach signified by an IDS system. Pertinent to this specific occasion, which of the following terms best describes the occurrence of a false negative in context to the IDS system?

A. A signature: Incorrect.

B. An event: Correct!

C. A variance: Incorrect.

D. An incident: Incorrect.

NIST developed Special Publication 800-61 due to statutory responsibilities under which of the following acts?

A. FERPA: Incorrect.

B. FISMA: Correct!

C. HIPAA: Incorrect.

D. PCI DSS: Incorrect.

Home
Cisco Certified Network Associate SECOPS

Cisco Certified Network Associate SECOPS

Be the first to review this course

QuickStart is now offering you assessment questions to better aid in certification. 100% of the questions are real questions from a recent version of the test you will take.

$99.00

QuickStart is now offering you assessment questions to better aid in certification. 100% of the questions are real questions from a recent version of the test you will take.

More Information:

Learning Style: On Demand
Learning Style: Practice Exam
Difficulty: Beginner
Course Duration: 1 Hour
Course Info: Download PDF
Certificate: See Sample

Need Training for 5 or More People?

Customized to your team's need:

Annual Subscriptions
Private Training
Flexible Pricing
Enterprise LMS
Dedicated Customer Success Manager

Cisco Certified Network Associate SECOPS

Cisco Certified Network Associate SECOPS

More Information:

Contact a Learning Consultant

Need Training for 5 or More People?

Course Information

Outline

VPAT Heading Level

VPAT Heading Level

Approve The Cookies

Cisco Certified Network Associate SECOPS

Cisco Certified Network Associate SECOPS

More Information:

Contact a Learning Consultant

Need Training for 5 or More People?

Course Information

Outline

VPAT Heading Level

VPAT Heading Level