Cisco CyberOps Associate Exam Simulator

Correct Answer: Enabling account lockout after a certain number of failed login attempts
Explanation: Account lockout is a security measure that temporarily disables a user account after a specified number of failed login attempts, which helps to prevent brute-force attacks.

Correct Answer: To provide a detailed record of an incident, including the events that occurred and the actions taken to resolve it.
Explanation: An incident report is a formal document that provides a comprehensive overview of a security incident, which is crucial for post-incident analysis and for future training.

Correct Answer: Role-Based Access Control (RBAC)
Explanation: RBAC is an access control model where permissions are assigned to a user based on their role within an organization. For example, all employees in the "Finance" role would have the same permissions.

Correct Answer: To actively block malicious network traffic based on known signatures.
Explanation: A NIPS is a security technology that monitors network traffic and actively blocks malicious traffic in real time based on a set of rules or signatures.

Correct Answer: A high-volume network connection to an unknown IP address
Explanation: A high-volume network connection to an unknown IP address can be a sign of a compromised host communicating with a command-and-control server to download additional malware or to exfiltrate data.

Correct Answer: A statement of the organization's security goals and a set of rules to achieve them.
Explanation: A security policy is a high-level document that sets the tone for an organization's security program and defines the rules and goals for protecting its assets.

Correct Answer: To record and analyze the raw data of network traffic.
Explanation: A packet capture tool, or packet sniffer, records all network traffic passing through a network interface. This allows an analyst to perform a deep-level inspection of the traffic to find signs of malicious activity.

Correct Answer: Enabling multi-factor authentication (MFA) on the account.
Explanation: Multi-factor authentication adds a second layer of security beyond a password, making it much more difficult for an attacker to compromise an account.

Correct Answer: Browser history files
Explanation: Browser history files, which are stored on the host, contain a record of all websites visited by a user and are a critical source of information in a host-based analysis.

Correct Answer: To provide a list of known malicious IP addresses, domains, and file hashes.
Explanation: A threat intelligence feed is a collection of data, such as indicators of compromise (IOCs), that can be used to inform and improve an organization's security posture.