Cisco 210-250 Online Practice Questions and Exam Preparation

Cisco 210-250 Online Questions & Answers

• Question 291:

  Which of these provides a recording of network traffic that can be replayed at a later time?

  A. session data
  B. full packet capture
  C. NetFlow data
  D. statistical data
  B. full packet capture

• Question 292:

  What does the syslog on a Cisco ASA firewall offer a security analyst?

  A. time-stamped record of domain user log in history
  B. time-stamped record of transaction and alert history
  C. time-stamped record of file transfers from within the network
  D. time-stamped record of protocol violations
  B. time-stamped record of transaction and alert history

• Question 293:

  Which of the following are responsibilities of an asset owner? (Mark all that apply)

  A. Implementation of security controls
  B. Asset security classification
  C. Asset disposal
  D. Analysis of the access logs
  B. Asset security classification
  C. Asset disposal

• Question 294:

  Which Linux terminal command can be used to display all the processes?

  A. ps -ef
  B. ps -u
  C. ps -d
  D. ps -m
  A. ps -ef

• Question 295:

  Which option is a purpose of port scanning?

  A. Identify the Internet Protocol of the target system.
  B. Determine if the network is up or down.
  C. Identify which ports and services are open on the target host.
  D. Identify legitimate users of a system.
  C. Identify which ports and services are open on the target host.

• Question 296:

  A Layer 2 redirect or spoofing attack can be referred to as what type of attack?

  A. ARP attack
  B. DHCP attack
  C. NetBios attack
  D. SSID attack
  A. ARP attack

• Question 297:

  DRAG DROP

  Match the following characteristics with the appropriate threat model.

  Select and Place:

  

  

• Question 298:

  Depending on the version of NetFlow, a network infrastructure device can gather different types of information, including which of the following?

  A. Differentiated services code point (DSCP)
  B. The device's input interface
  C. TCP flags
  D. Type of service (ToS) byte
  A. Differentiated services code point (DSCP)
  B. The device's input interface
  C. TCP flags
  D. Type of service (ToS) byte

• Question 299:

  What is a Tor exit node?

  A. A Tor exit node is the first Tor node or the "gateway" where the Tor encrypted traffic "exits" to the Internet.
  B. A Tor exit node is the last Tor node or the "gateway" where the Tor encrypted traffic "exits" to the Internet.
  C. A Tor exit node is the Tor node or the "gateway" where the Tor browser connects first.
  D. A Tor exit node is an Internet routing entity that can define how the Tor browser exits the common Internet and connects to the darknet.
  B. A Tor exit node is the last Tor node or the "gateway" where the Tor encrypted traffic "exits" to the Internet.

• Question 300:

  Which one of the following statements best describes the primary IPS mechanism used in rule-based detection to help stop attackers from compromising systems?

  A. The geo-location database can be installed to filter specific countries, based on reputation scores.
  B. IPS rule-sets evaluate various network activities over a long period, allowing rule-based detection configuration to automatically update its rule-set.
  C. Rule-based detection, using updated IPS signature files, can be leveraged to stop attackers from malicious activity.
  D. Complex ACLs can be applied to the WAN-facing interfaces, allowing rule-based detection to inspect traffic as it enters the sensor.
  E. By deploying NAT on WAN-facing interfaces and working with rule-based detection methods, malicious activity can be inspected and blocked before it is sent to internal network resources.
  C. Rule-based detection, using updated IPS signature files, can be leveraged to stop attackers from malicious activity.