ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 200-201 All Questions

View all questions & answers for the 200-201 exam
Go to Exam

Exam 200-201 topic 1 question 216 discussion

Actual exam question from Cisco's 200-201
Question #: 216
Topic #: 1
[All 200-201 Questions]

A company encountered a breach on its web servers using IIS 7.5. During the investigation, an engineer discovered that an attacker read and altered the data on a secure communication using TLS 1.2 and intercepted sensitive information by downgrading a connection to export-grade cryptography. The engineer must mitigate similar incidents in the future and ensure that clients and servers always negotiate with the most secure protocol versions and cryptographic parameters.
Which action does the engineer recommend?

  • A. Upgrade to TLS v1.3.
  • B. Install the latest IIS version.
  • C. Deploy an intrusion detection system.
  • D. Downgrade to TLS 1.1.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by ValenteSensei at Jan. 12, 2023, 10:38 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
stickerbombmaster
7 months, 2 weeks ago
Selected Answer: B
Ineed we need to use 1.3 (so it would be A), but for some reason there is exact IIS version mentioned in question I think (7.5 does not support 1.3 at all), so I think that B will be correct
upvoted 3 times
...
RoBery
9 months, 3 weeks ago
A "ensure that clients and servers always negotiate with the most secure protocol versions and cryptographic parameters" means secure any other server or clint, not only this IIS 7.5.
upvoted 1 times
...
jorgeaaq
1 year ago
Answer A looks logical , but IIS 7.5 not support TLS 1.3 so , first we need to upgrade IIS version to a version who support TLS 1.3 ... so B is the correct Answer
upvoted 3 times
stickerbombmaster
7 months, 2 weeks ago
Exactly, classic cisco type of question Technically B is correct because we need to upgrade IIS first to enable option A so use 1.3 At the end no one knows what does Cisco put as correct answer
upvoted 1 times
...
...
SecurityGuy
1 year, 2 months ago
Selected Answer: A
TLS v1.0 - Deprecated TLS v1.1 - Deprecated TLS v1.2 - In use (supported by 99.9% of the websites). TLS v1.3 - In use (supported by 59.8% of the websites), although many haven’t implemented it as the default protocol. https://cheapsslsecurity.com/blog/tls-versions-what-they-are-and-which-ones-are-still-supported/ - From a Security Admin point of view, the most obvious choice is to update software versions. Since TLS has is more inclined to security than IIS, I'd go with A on this one.
upvoted 4 times
...
Topsecret
1 year, 3 months ago
Selected Answer: A
A. Upgrade to TLS v1.3.
upvoted 1 times
...
drdecker100
1 year, 8 months ago
Selected Answer: A
The engineer should recommend upgrading to TLS v1.3. TLS v1.3 is the latest version of the TLS protocol and provides enhanced security features compared to its predecessors. It includes a stronger key exchange algorithm, improved cipher suites, and better protection against downgrade attacks. Upgrading to TLS v1.3 will help to ensure that clients and servers always negotiate with the most secure protocol version and cryptographic parameters, making it harder for attackers to intercept sensitive information. Installing the latest IIS version may provide some security improvements, but it is not a substitute for upgrading to TLS v1.3.
upvoted 1 times
...
GiorTal
1 year, 8 months ago
Selected Answer: A
The correct answer is A. Upgrade to TLS v1.3.
upvoted 1 times
...
ValenteSensei
1 year, 9 months ago
A. Upgrade to TLS v1.3. TLS (Transport Layer Security) is a cryptographic protocol that is used to secure network communications. It provides authentication, data integrity, and confidentiality for communications over the Internet. TLS 1.2 is the current version of the protocol, but it has been found to be vulnerable to certain types of attacks. Upgrade to the latest version of the protocol, TLS 1.3, which is more secure and resistant to those types of attacks.
upvoted 1 times
ercole77
1 year, 9 months ago
TLS 1.3 in Windows OS is supported only in Windows 11 and Windows Server 2022. Question says IIS 7.5, incuded in Windows 7 and Windows Server 2008 R2. Answer is B-> Install the latest IIS version
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago