  • 402 Questions
  • Updated on: 25-May-2026
  • Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)

Free Cisco 200-201 Practice Questions 2026 | Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)


What is the principle of defense-in-depth?

A. Agentless and agent-based protection for security are used.
B. Several distinct protective layers are involved.
C. Access control models are involved.
D. Authentication, authorization, and accounting mechanisms are used.

Answer: B. Several distinct protective layers are involved.



Refer to the exhibit.

Which component is identifiable in this exhibit?

A. Trusted Root Certificate store on the local machine
B. Windows PowerShell verb
C. Windows Registry hive
D. local service in the Windows Services Manager

Answer: C. Windows Registry hive



What is a difference between tampered and untampered disk images?

A. Tampered images have the same stored and computed hash.
B. Tampered images are used as evidence.
C. Untampered images are used for forensic investigations.
D. Untampered images are deliberately altered to preserve as evidence.

Answer: B. Tampered images are used as evidence.



How does a certificate authority impact security?

A. It validates client identity when communicating with the server.
B. It authenticates client identity when requesting an SSL certificate.
C. It authenticates domain identity when requesting an SSL certificate.
D. It validates the domain identity of the SSL certificate.

Answer: D. It validates the domain identity of the SSL certificate.



Which security technology guarantees the integrity and authenticity of all messages transferred to and from a web application?

A. Hypertext Transfer Protocol
B. SSL Certificate
C. Tunneling
D. VPN

Answer: B. SSL Certificate



Which tool provides a full packet capture from network traffic?

A. Nagios
B. CAINE
C. Hydra
D. Wireshark

Answer: D. Wireshark



Which action should be taken if the system is overwhelmed with alerts when false positives and false negatives are compared?

A. Modify the settings of the intrusion detection system.
B. Design criteria for reviewing alerts.
C. Redefine signature rules.
D. Adjust the alerts schedule.

Answer: A. Modify the settings of the intrusion detection system.



Which technology on a host is used to isolate a running application from other applications?

A. sandbox
B. application allow list
C. application block list
D. host-based firewall

Answer: A. sandbox



Which security technology allows only a set of pre-approved applications to run on a system?

A. application-level blacklisting
B. host-based IPS
C. application-level whitelisting
D. antivirus

Answer: C. application-level whitelisting



What is the impact of false positive alerts on business compared to true positive?

A. True positives affect security as no alarm is raised when an attack has taken place, resulting in a potential breach.
B. True positive alerts are blocked by mistake as potential attacks affecting application availability.
C. False positives affect security as no alarm is raised when an attack has taken place, resulting in a potential breach.
D. False positive alerts are blocked by mistake as potential attacks affecting application availability.

Answer: C. False positives affect security as no alarm is raised when an attack has taken place, resulting in a potential breach.


