Which two statements are true about malvertisements? (Choose two.)
A. Malvertisements are sometimes set up to affect all visitors to a site only during a specific period of time.
B. Malvertisements' malicious code remains forever.
C. Malvertisements affect both trustworthy and untrustworthy sites.
D. Infection only occurs when the victim clicks a malvertisement.
Which best describes a fast flux service network?
A. uses DNS servers to resolve many different IP addresses over short span of time
B. a high-bandwidth network
C. a low latency network
D. a network that generates large number of random domain names
Which best describes how a DNS amplification and reflection attack is implemented?
A. by predicting the next transaction ID used in DNS query and using that to construct a spoofed DNS message
B. by using multiple DNS open resolvers to send DNS response messages to the target device
C. by falsifying and spoofing RR information on the DNS resolver
D. by depleting DNS resolver's CPU, memory, and/or socket buffers
Which form of cryptography is used to protect passwords?
A. asymmetric cryptography
B. two factor cryptography
C. hash cryptography
D. elliptical curve Diffie-Hellman cryptography
Which two statements are true regarding an attacker who is performing a "pass-the-hash" attack? (Choose two.)
A. The attacker knows the actual password.
B. The attacker does not know the actual password.
C. The attacker has control over the victim's machine.
D. The attacker performs a brute-force computation of the hash.
What two describe how attackers obtain access to password hashes? (Choose two.)
A. brute-force attack
B. phishing attack
C. memory that is left behind from active log-on sessions
D. relevant authentication databases
Which two determine the speed at which a password can be cracked using the brute-force method? (Choose two.)
A. willingness of the victim to share personal information
B. the attacker's computer speed
C. the attacker's list of the commonly used passwords
D. the length and complexity of the password
What three threats are email-based? (Choose three.)
A. spam
B. attachment-based attacks
C. email address spoofing
D. insufficient user authentication
Which two best describe the difference between XSS and CSRF? (Choose two.)
A. XSS exploits the user's trust in a particular web site.
B. CSRF exploits the web site's trust in a user's browser.
C. XSS exploits the web site's trust in a user's browser.
D. CSRF exploits the user's trust in a particular web site.
Which two countermeasures reduce the threat of CSRF? (Choose two.)
A. Educate users to recognize possible phishing attacks.
B. Deny access to the public Internet from workstations and laptops.
C. Visit the OWASP.org web site for up-to-date information and guidance on developing web content.
D. Implement a proxy server solution for users that access the Internet.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 210-250 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.