Cisco Updated 200-201 Exam Questions and Answers by maisy

Encryption is an evasion technique that is a function of ransomware, which is a type of malware that encrypts the victim’s files or system and demands a ransom for the decryption key. Encryption is used by ransomware to prevent the victim from accessing their data and to avoid detection by antivirus or other security tools. Encryption can also be used by other types of malware to hide their communication, configuration, or payload from analysis. References:

• Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) v1.0, Module 3: Network Intrusion Analysis, Lesson 3.4: Malware
• Cisco Certified CyberOps Associate Overview, Exam Topics, 3.4 Compare and contrast types of malware

Symmetric encryption is a type of encryption that uses the same key to encrypt and decrypt data. Asymmetric encryption is a type of encryption that uses a pair of keys: a public key and a private key. The public key can be used to encrypt data, but only the private key can decrypt it, and vice versa. An advantage of symmetric encryption over asymmetric encryption is that it is faster and more efficient for encrypting large amounts of data, such as in sessions or bulk transfers. Asymmetric encryption is slower and more computationally intensive, but it is more secure and suitable for key exchange or digital signatures. References := Cisco Cybersecurity Operations Fundamentals, Module 2: Security Monitoring, Lesson 2.3: Cryptography and PKI, Topic 2.3.1: Cryptography

 A sandbox interprocess communication service refers to the mechanisms that allow different processes within a sandboxed environment to communicate with each other. These interfaces are crucial for coordinating activities among processes, especially in a restricted environment like a sandbox where direct interaction with the operating system or other processes might be limited for security reasons. This communication is essential for complex applications that require different processes to work together to perform tasks.

References := The Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) material covers various security technologies and how they can be used to protect systems, which includes the use of sandboxing to isolate and monitor potentially malicious code

Cisco Application Visibility and Control (AVC) provides features like metrics collection and exporting (D) for visibility on TCP bandwidth usage, response time, and latency. Application recognition (E) combined with deep packet inspection helps in identifying unknown software by its network traffic flow. References := Cisco CyberOps Associate - Module 2: Security Concepts