What type of access control model is based on an individual's roles and responsibilities within the organization?
A. access control list
B. non-discretionary access control
C. mandatory access control
D. discretionary access control
In addition to discretionary, non-discretionary, and mandatory access control, which two should be part of an organization's access security plan? (Choose two.)
A. separation of duties
B. account lock-outs
C. physical security locks
D. principle of least privilege
E. photo identification
What type of information does CVSS provide for a vulnerability?
A. risk transfer procedures
B. severity of the vulnerability
C. suggestions for managing the vulnerability
D. risk mitigation
Which three are considered personally identifiable information (PII) data? (Choose three.)
A. passport number
B. driver's license
C. office address
D. birthplace
E. type and model of personal vehicle
What option does not contain a security risk?
A. a service that is deployed in the cloud
B. data that are backed up on a USB drive
C. a new unconfigured router that is not connected to the network
D. an old hard drive that is about to be scrapped
What is a countermeasure that an organization can employ to improve the confidentiality of data that is transmitted by users and devices?
A. update network cable to use shielded twisted pair cable
B. increase password complexity rules
C. use encryption between sending and receiving parties
D. make sure that operating systems have up-to-date software patches
Which activity can be used to ensure data confidentiality?
A. provide authenticity of the data by digitally signing it
B. increase the data privacy by encrypting it
C. use a two-factor authentication to authenticate the source of the data
D. back up the data to an offsite location
What are three goals of OpenSOC? (Choose three.)
A. to provide a collaborative open source community for development of an extensible and scalable advanced security analytics tool
B. to provide a collaborative open communication platform for network outages and performance monitoring
C. to encourage open communication for additional features and identification of deficiencies for a stable and functionally usable tool
D. to identify key feature enhancements to drive technology efforts around efficient security analytics
E. to identify key performance indicators for network device analysis and capacity planning
Implementing a "threat-centric" security strategy means to focus on which one of the following options?
A. defenses
B. attacks
C. company assets
D. compliance regulations
E. security controls
Which two IT security control frameworks offer good starting points and can be used together? (Choose two.)
A. Control Objectives for Information and Related Technologies (COBIT)
B. Creative Control Systems for Information Security (CCSIS)
C. Mobility Operations and Optimization Planning Document (MOOP)
D. ISO/IEC 27002:2013
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 210-250 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.