Cisco Updated 200-201 Exam Questions and Answers by amalia

Exploitation - The targeted Environment is taken advantage of triggering the threat actor's code

Installation - Backdoor is placed on the victim system allowing the threat actor to maintain the persistence.

Command and Control - An outbound connection is established to an Internet-based controller server.

Actions and Objectives - The threat actor takes actions to violate data integrity and availability

Application whitelisting/blacklisting is a technology used to control which applications are allowed to execute on a company’s corporate PCs. Whitelisting allows only approved applications to run, while blacklisting prevents specific applications from running. This approach is effective for managing application usage across an enterprise.

 In TCP/IP networking, the ACK flag is used to acknowledge the receipt of a packet. It’s a way to confirm that the previous packets have been received and that the connection is proceeding as expected. The RST flag, on the other hand, is used to reset the connection. It is sent if a segment arrives which is not intended for the current connection, or if a connection request is to be denied. Essentially, the ACK flag is about maintaining the established connection, while the RST flag is about aborting connections that are not valid or are no longer needed123.

References: The information provided is based on standard TCP/IP protocol behavior as described in networking resources and Cisco’s cybersecurity documentation

With stronger data visibility, detailed information about the data in real-time is provided. This enhanced visibility allows for a more comprehensive analysis of network traffic, enabling security professionals to identify and mitigate threats more effectively. References := Cisco Cybersecurity Operations Fundamentals