If an engineering server's risk of being hacked is assigned a risk level of very high, which assessment strategy is being used?
A. quantitative
B. qualitative
C. impact
D. discretionary
E. non-discretionary
F. mandatory
What is the best way to manage personally identifiable information (PII) data?
A. back it up on a local hard drive
B. apply confidentiality processes when handling it
C. use mandatory access control to secure it
D. sign it using a digital signature
What are the three basic security requirements of network security? (Choose three.)
A. accountability
B. availability
C. confidentiality
D. integrity
E. visibility
What three changes have occurred in modern networks that require enhanced security? (Choose three.)
A. Modern networks utilize a common set of widely known and open protocols.
B. The use of common operating systems on smart phones such as Apple iOS and Android has provided attackers with simpler means to instigate targeted attacks.
C. Fault tolerance and backup systems provide threat actors easy access to system resources and data.
D. The global connectivity of the Internet provides more opportunities for threat actors to connect to information systems.
E. The increased complexity of operating systems and application software has made it more difficult to ensure security across all systems.
What is the security property that guarantees that sensitive information is changed only by an authorized party?
A. accountability
B. availability
C. confidentiality
D. integrity
E. visibility
What best describes a brute-force attack?
A. breaking and entering into a physical building or network closet
B. an attacker's attempt to decode a cipher by attempting each possible key combination to find the correct one
C. a rogue DHCP server that is posing as a legitimate DHCP server on a network segment
D. an attacker inserting itself between two devices in a communication session and then taking over the session.
Which one of the following statements describes the risk of not destroying a session key that is no longer used for completed communication of encrypted data?
A. The attacker could have captured the encrypted communication and stored it while waiting for an opportunity to acquire the key.
B. Systems can only store a certain number of keys and could be unable to generate new keys for communication.
C. It increases the risk of duplicate keys existing for the key space of the algorithm.
D. The risk of weaker keys being generated increases as the number of keys stored increases.
Which part of the TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384 cipher suite is used to specify the bulk encryption algorithm?
A. ECDHE_ECDSA
B. AES_128_CBC
C. SHA256
D. P384
Why is using ECDHE_ECDSA stronger than using RSA?
A. ECDHE_ECDSA provides both data authenticity and confidentiality.
B. ECDHE_ECDSA uses a much larger key size.
C. ECDHE_ECDSA uses a pseudorandom function to generate the keying materials.
D. If the server's private key is later compromised, all the prior TLS handshakes that are done using the cipher suite cannot be compromised.
Which three of the following options does the client validate on inspection of a server certificate? (Choose three.)
A. The subject matches the URL that is being visited.
B. The website was already in the browser's cache.
C. A root DNS server provided the IP address for the URL.
D. The current time is within the certificate's validity date.
E. The signature of the CA that is in the certificate is valid.
F. The client already has a session key for the URL.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 210-250 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.