Exam Name: Understanding Cisco Cybersecurity Operations Fundamentals (200-201 CBROPS)
Exam Code: 200-201 Dumps
Vendor: Cisco | Certification: CyberOps Associate
Questions: 311 Q&A's | Shared By: nolan
An organization has recently adjusted its security stance in response to online threats made by a known hacktivist group.
What is the initial event called in the NIST SP800-61?
An organization is cooperating with several third-party companies. Data exchange is on an unsecured channel using port 80. Internal employees use the FTP service to upload and download sensitive data. An engineer must ensure confidentiality while preserving the integrity of the communication. Which technology must the engineer implement in this scenario?
An engineer is working on a ticket for an incident from the incident management team. A week ago, an external web application was targeted by a DDoS attack. Server resources were exhausted and after two hours it crashed. An engineer was able to identify the attacker and technique used. Three hours after the attack, the server was restored and the engineer recommended implementing mitigation by Blackhole filtering and transferred the incident ticket back to the IR team. According to NIST SP800-61, at which phase of the incident response did the engineer finish work?
A user received a malicious attachment but did not run it. Which category classifies the intrusion?