CyberOps Associate 1.0 Final Exam Questions with Correct Answers


  • June 14, 2024
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers
  • Seller: twishfrancis

What are two problems that can be caused by a large number of ARP request and reply
messages? (Choose two.) ✅1) All ARP request messages must be processed by all
nodes on the local network.

2) The ARP request is sent as a broadcast, and will flood the entire subnet.

Refer to the exhibit. Which field in the Sguil application window indicates the priority of
an event or set of correlated events? ✅ST

Match the job titles to SOC personnel positions. (Not all options are used.) ✅Tier 1
Alert Analyst -> monitors incoming alerts & verifies that a true incident has occurred

Tier 2 Incident Responder -> involved in deep investigation of incident

Tier 3 Subject Matter Expert -> involved in hunting for potential threats & implements
threat detection tools

If the default gateway is configured incorrectly on the host, what is the impact on
communications? ✅The host can communicate with other hosts on the local network,
but is unable to communicate with hosts on remote networks.

When a connectionless protocol is in use at a lower layer of the OSI model, how is
missing data detected and retransmitted if necessary? ✅Upper-layer
connection-oriented protocols keep track of the data received and can request
retransmission from the upper-level protocols on the sending host.

What is the prefix length notation for the subnet mask 255.255.255.224? ✅/27

Which network monitoring tool saves captured network frames in PCAP files?
✅Wireshark

What is the TCP mechanism used in congestion avoidance? ✅sliding window

What is the Internet? ✅It provides connections through interconnected global
networks.

Which protocol is used by the traceroute command to send and receive echo-requests
and echo-replies? ✅ICMP


What are two ICMPv6 messages that are not present in ICMP for IPv4? (Choose two.)
✅1) Neighbor Solicitation

2) Router Advertisement

What are two monitoring tools that capture network traffic and forward it to network
monitoring devices? (Choose two.) ✅1) SPAN

2) network tap

Which network monitoring tool is in the category of network protocol analyzers?
✅Wireshark

Based on the command output shown, which file permission or permissions have been
assigned to the other user group for the data.txt file? ✅read

What are three benefits of using symbolic links over hard links in Linux? (Choose three.)
✅1) They can link to a directory.

2) They can link to a file in a different file system.

3) They can show the location of the original file.

A network security specialist is tasked to implement a security measure that monitors
the status of critical files in the data center and sends an immediate alert if any file is
modified. Which aspect of secure communications is addressed by this security
measure? ✅data integrity

A network administrator is configuring an AAA server to manage TACACS+
authentication. What are two attributes of TACACS+ authentication? (Choose two.)
✅1) encryption for all communication

2) separate processes for authentication and authorization

In an attempt to prevent network attacks, cyber analysts share unique identifiable
attributes of known attacks with colleagues. What three types of attributes or indicators
of compromise are helpful to share? (Choose three.) ✅1) IP addresses of attack
servers

2) changes made to end system software

3) features of malware files

Which two types of messages are used in place of ARP for address resolution in IPv6?
(Choose two.) ✅1) neighbor solicitation
2) neighbor advertisement

What is indicated by a true negative security alert classification? ✅Normal traffic is
correctly ignored and erroneous alerts are not being issued.

Normal traffic is correctly ignored and erroneous alerts are not being issued. ✅It
compares the behavior of a host to an established baseline to identify potential
intrusions.

Match the description to the antimalware approach. (Not all options are used.)
✅signature-based - by recognizing various characteristics of known malware files

heuristics-based - by recognizing general features shared by various types of malware

behavior-based - through analysis of suspicious activities

Which two protocols are associated with the transport layer? (Choose two.) ✅1) UDP

2) TCP

A network administrator is creating a network profile to generate a network baseline.
What is included in the critical asset address space element? ✅the IP addresses or
the logical location of essential systems or data

What are the three impact metrics contained in the CVSS 3.0 Base Metric Group?
(Choose three.) ✅1) confidentiality

2) integrity

3) availability

What is a characteristic of DNS? ✅DNS servers can cache recent queries to reduce
DNS query traffic.

What are two differences between HTTP and HTTP/2? (Choose two.) ✅1) HTTP/2
uses a compressed header to reduce bandwidth requirements.

2) HTTP/2 uses multiplexing to support multiple streams and enhance efficiency.

A router has received a packet destined for a network that is in the routing table. What
steps does the router perform to send this packet on its way? Match the step to the task
performed by the router. ✅1) Both are deployed as sensors.

2) Both use signatures to detect malicious traffic.
