Cisco Certified Network Associate SECOPS
QuickStart is now offering assessment questions for Cisco Certified Network Associate SECOPS. Whether you are deciding which exam to sign up for or simply want to practice the material needed to complete certification for this course, we have provided a practice assessment to help you prepare. 100% of the questions are real questions from a recent version of the test you will take for Cisco Certified Network Associate SECOPS.
Which of the following are journaling file systems available with Windows or Linux? (Select 2 answers)
- A. FAT32 and FAT
  Incorrect.
- B. Ext3 and Ext4 file systems
  Correct!
- C. NTFS
  Correct!
- D. Ext 2 and Ext
  Incorrect.
What are the basic tenets of information security pertinent to forensics and information management?
- A. Confidentiality, Integrity, and Availability
  Correct!
- B. Security, Integrity, and Availability
  Incorrect.
- C. Confidentiality, Intimacy, and Availability
  Incorrect.
- D. Secured Access, Network Connectivity, and Insights
  Incorrect.
Arachni, Skipfish, and w3af are examples of what?
- A. Web proxies
  Incorrect.
- B. Password crackers
  Incorrect.
- C. Security assessment tools
  Incorrect.
- D. Web application scanners
  Correct!
A security researcher is assessing the security posture of the web servers in an organization's data center. The security researcher finds out that all these web servers are missing a critical security patch issued by the vendor. In this scenario, what has the security researcher found?
Which of the following data might be most interesting for threat actors from a profitability point of view?
- A. Personally identifiable information (PII) such as HIPAA
  Incorrect.
- B. An organization’s intellectual property (IP)
  Incorrect.
- C. Personal credit card data
  Incorrect.
- D. All of these answers are correct.
  Correct!
Which of the following are objectives of the containment, eradication, and recovery phase of the incident response process? (Select 3 answers)
- A. Implement a containment strategy.
  Correct!
- B. Perform event correlation.
  Incorrect.
- C. Identify the attacking hosts.
  Correct!
- D. The need for evidence preservation.
  Correct!
Which of the following is not a part of a forensic investigation plan?
- A. How to collect the evidence?
  Incorrect.
- B. How to safeguard the evidence?
  Incorrect.
- C. Who to submit the report to?
  Correct!
- D. The methodologies for analyzing the evidence
  Incorrect.
Which of the following terms is used to describe the movement and location of physical evidence from the time it is obtained until the time it is presented in court?
- A. Chain of custody
  Correct!
- B. Chain of evidence
  Incorrect.
- C. Chain of custodian
  Incorrect.
- D. Client victim chain
  Incorrect.
What does the following figure represent?
- A. Forensic chain of custody
  Incorrect.
- B. Order of volatility of the digital evidence
  Correct!
- C. Order in which a forensic examiner analyzes evidence
  Incorrect.
During a forensic exercise, which of the following must be addressed first when investigating a cyber crime?
- B. Protection of data gathered
  Incorrect.
- C. Engagement of legal and other law agencies
  Incorrect.
- D. Collecting and securing the evidence
  Correct!
In the context of digital forensics, which of the following statements is not true?
- A. Chain of custody should be diligently followed to acquire, preserve, and safeguard the digital evidence.
  Incorrect.
An employee was convicted by an organization for conducting corporate espionage using his personal mobile device. The device was taken into secure custody, pending analysis. Which of the following is the most appropriate methodology for mobile device forensic investigation?
- A. The mobile should be switched off immediately to prevent its interaction with the surrounding environment.
  Incorrect.
Which dashboard shown in the following figure displays the threats from various geographical regions?
- A. Cisco AMP
  Incorrect.
- B. Cuckoo Sandbox
  Incorrect.
- C. Cisco Senderbase.org
  Incorrect.
- D. Cisco FMC
  Correct!
What does the regex \b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b match against? (Select 2 answers)
The following figure shows a Wireshark pcap analysis. What can be inferred from this pcap file relevant to DNS traffic?
- B. This file displays DNS and UDP traffic.
  Incorrect.
Which of the following regex will match the hexadecimal expression #e3b103?
- A. /^!?([a-b0-9]{3}|[a-f0-9]{3})$/
  Incorrect.
- B. /^#?([a-f0-9]{6}|[a-f0-9]{3})$/
  Correct!
- C. /^#?([a-f0-9]{5}|[a-f0-9]{3})$/
  Incorrect.
- D. /^#?([a-f0-9]{3}|[a-f0-9]{2})$/
  Incorrect.
What is represented by the ? in the following figure in context to security events?
- A. Security frameworks
  Incorrect.
- B. Security processes
  Correct!
- C. Security artifacts
  Incorrect.
- D. Malware inspection
  Incorrect.
The following figure illustrates Cisco Wireless LAN Controller (WLC) logs. What can be inferred from this log file?
- A. The WLC has disassociated the client with IP address 10.20.203.101 in response to the Cisco ASA block.
  Incorrect.
- B. The WLC has shunned the client with IP address 10.20.203.101 in response to the Cisco ASA shun.
  Incorrect.
What does the following figure illustrate?
- A. NetFlow v7 export packet
  Incorrect.
- B. NetFlow v9 header format
  Correct!
- C. NetFlow v9 record format
  Incorrect.
- D. NetFlow v1 header format
  Incorrect.
What does the following IOS configuration enable?
- A. NetFlow v1 export format
  Incorrect.
- B. Flexible NetFlow IPFIX export format
  Correct!
- C. NetFlow v5 header format
  Incorrect.
- D. Flexible NetFlow IPFIX IP flow information Format
  Incorrect.
DDoS attacks are often used maliciously to consume the resources of your hosts and network that would otherwise be used to serve legitimate users. Which of the following can be used as a tool for detecting traffic anomalies?
- A. Antivirus software
  Incorrect.
- B. NetFlow
  Correct!
- C. Cisco ASA
  Incorrect.
- D. Kill Chain
  Incorrect.
The following figure illustrates a NetFlow traffic capture using NfSen. What can be inferred about the traffic flow illustrated?
- A. The graph displays normal traffic flow.
  Incorrect.
- B. The graph displays anomalous UDP traffic flow.
  Correct!
- C. The graph displays normal UDP traffic flow.
  Incorrect.
Which Cisco product boasts the following dashboard?
- A. Cisco SDM
  Incorrect.
- B. Cisco Lancope StealthWatch
  Correct!
- C. Cisco ASDM
  Incorrect.
- D. Cisco Senderbase.org
  Incorrect.
NetFlow is used for which of the following purposes?
- A. Collecting logs for troubleshooting the network devices
  Incorrect.
- C. To oversee the packet flows on the network
  Incorrect.
Which NIST publication addresses the incident response process in line with statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347?
Which of the following is the main goal of a security awareness program? And during which phase of the incident response process would developing a user awareness program be useful?
It is important that information about a cyber crime investigation be?
- A. Contained and destroyed as soon after trial as possible
  Incorrect.
- B. Kept limited to as few people as possible
  Correct!
- D. Backed up to a safe system to ensure availability
  Incorrect.
An organization is investigating an occurrence of a possible breach signified by an IDS system. Pertinent to this specific occasion, which of the following terms best describes the occurrence of a false negative in context to the IDS system?
NIST developed Special Publication 800-61 due to statutory responsibilities under which of the following acts?