Which of the following are provided by threat intelligence feeds?
A. Indicators of compromise
B. IP addresses of attacking systems
C. The overall risk score of all vulnerabilities in the corporate network
D. The overall risk score of threats in the corporate network
What is a runbook?
A. A runbook is a collection of processes running on a system.
B. A runbook is a configuration guide for network security devices.
C. A runbook is a collection of best practices for configuring access control lists on a firewall and other network infrastructure devices.
D. A runbook is a collection of procedures and operations performed by system administrators, security professionals, or network operators.
Chain of custody is the way you document and preserve evidence from the time you started the cyber forensics investigation to the time the evidence is:
A. Documentation about how and when the evidence was collected
B. Documentation about how evidence was transported
C. Documentation about who had access to the evidence and how it was accessed
D. Documentation about the CVSS score of a given CVE
Which of the following are examples of personally identifiable information (PII)?
A. Social security number
B. Biological or personal characteristics, such as an image of distinguishing features, fingerprints, x-rays, voice signature, retina scan, and geometry of the face
C. CVE
D. Date of birth
Which of the following statements are true about the principle of least privilege?
A. Principle of least privilege and separation of duties can be considered to be the same thing.
B. The principle of least privilege states that all users whether they are individual contributors, managers, directors, or executives should be granted only the level of privilege they need to do their job, and no more.
C. Programs or processes running on a system should have the capabilities they need to "get their job done," but no root access to the system.
D. The principle of least privilege only applies to people.
What is the Common Vulnerabilities and Exposures (CVE)?
A. An identifier of threats
B. A standard to score vulnerabilities
C. A standard maintained by OASIS
D. A standard for identifying vulnerabilities to make it easier to share data across tools, vulnerability repositories, and security services
Which of the following is true when describing threat intelligence?
A. Threat intelligence's primary purpose is to make money by exploiting threats.
B. Threat intelligence's primary purpose is to inform business decisions regarding the risks and implications associated with threats.
C. With threat intelligence, threat actors can become more efficient to carry out attacks.
D. Threat intelligence is too difficult to obtain.
Which of the following is an open source feed for threat data?
A. Cyber Squad ThreatConnect
B. BAE Detica CyberReveal
C. MITRE CRITs
D. Cisco AMP Threat Grid
What is the Common Vulnerability Scoring System (CVSS)?
A. A scoring system for exploits.
B. A tool to automatically mitigate vulnerabilities.
C. A scoring method that conveys vulnerability severity and helps determine the urgency and priority of response.
D. A vulnerability-mitigation risk analysis tool.
Which of the following planes is important to understand for defense in depth?
A. Management plane
B. Control plane
C. User/data plane
D. Services plane
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 210-250 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.