Cisco 210-250 Online Practice Questions and Exam Preparation

Cisco 210-250 Online Questions & Answers

• Question 421:

  Where is a host-based intrusion detection system located?

  A. on a particular end-point as an agent or a desktop application
  B. on a dedicated proxy server monitoring egress traffic
  C. on a span switch port
  D. on a tap switch port
  A. on a particular end-point as an agent or a desktop application

• Question 422:

  What are the two requirements for running software in a Linux installation? (Choose two.)

  A. The file must be structured in a format that either allows it to run on its own or run through an interpreter.
  B. The user must be a super-user to run code.
  C. The file must have the execute bit set in its permission properties for the user who wants to execute the file.
  D. The file must be stored in the /etc directory.
  A. The file must be structured in a format that either allows it to run on its own or run through an interpreter.
  C. The file must have the execute bit set in its permission properties for the user who wants to execute the file.

• Question 423:

  What HTTP feature is a small piece of data that is sent from the web server and stored in the user's web browser while the user is browsing?

  A. HTTP status code
  B. HTTP cookie
  C. HTTP request method
  D. HTTP response code
  B. HTTP cookie

• Question 424:

  Which three of the following are TCP applications? (Choose three.)

  A. Telnet
  B. SSH
  C. ARP
  D. FTP
  E. NTP
  A. Telnet
  B. SSH
  D. FTP

• Question 425:

  Which process type occurs when a parent process is terminated and the remaining child process is permitted to continue on its own?

  A. Zombie process
  B. Orphan process
  C. Rogue process
  D. Parent process
  B. Orphan process

• Question 426:

  Which type of data typically consists of connection level, application-specific records generated from network traffic?

  A. location data
  B. statistical data
  C. alert data
  D. transaction data
  B. statistical data

• Question 427:

  Which one of the following options is the routing protocol that is usually used between the major ISPs?

  A. BGP
  B. OSPF
  C. IS-IS
  D. EIGRP
  E. OSPF or IS-IS
  A. BGP

• Question 428:

  According to the common vulnerability scoring system, which term is associated with scoring multiple vulnerabilities that are exploit in the course of a single attack?

  A. chained score
  B. risk analysis
  C. Vulnerability chaining
  D. Confidentiality
  C. Vulnerability chaining

• Question 429:

  After a large influx of network traffic to externally facing devices, you begin investigating what appears to be a denial of service attack. When you review packet capture data, you notice that the traffic is a single SYN packet to each port. Which kind of attack is this?

  A. SYN flood
  B. port scanning
  C. traffic fragmentation
  D. host profiling
  A. SYN flood

• Question 430:

  Why are reputation filters typically the first filters that are applied to inbound emails in content security systems?

  A. to remove spam messages, which use SMTP server resources.
  B. These filters are the most complicated to run so they are executed first to conserve CPU resources.
  C. to reduce the processing load on other filters by eliminating emails from known bad sources.
  D. to reduce the processing load on other filters by eliminating emails from known bad sources.
  C. to reduce the processing load on other filters by eliminating emails from known bad sources.