Cisco Updated 200-201 Exam Questions and Answers by zayyan

 Indicators of attack (IoAs) are signs that an attack may be in progress or imminent. Malware reinfection within a few minutes of removal (D) is a strong IoA because it suggests that the attacker has a persistent mechanism to redeploy malware, indicating an active compromise of the system.

References: Cisco’s Cybersecurity Operations Fundamentals documents

Patch management is the process of distributing and managing updates to software and systems. These updates can include patches for security vulnerabilities, bug fixes, and enhancements to improve performance or add new features. It ensures that systems are up-to-date, secure, and performing optimally. References := Cisco Cybersecurity Training

 Profiling a network involves various elements that provide insights into its characteristics and behaviors. Total throughput is crucial as it measures the amount of data passing from a source to a destination in a given period, reflecting the network’s capacity and usage patterns1. Listening ports are also essential for profiling because they represent the entry points for network services, indicating which services are available and potentially vulnerable1.

References :=

• Network profiling tools and techniques discussed in online resources23.
• Direct explanations of network profile elements

The correct display filter for analyzing FTP traffic in a PCAP file is “tcp.port==21”. This filter will show all TCP packets where the port number is 21, which is the standard port for FTP control messages.