1. Home
  2. Cisco
  3. 210-250

Cisco Cybersecurity Fundamentals

Exam Details

  • Exam Code
    :210-250
  • Exam Name
    :Cisco Cybersecurity Fundamentals
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :1157 Q&As
  • Last Updated
    :Nov 03, 2022

Cisco Cisco Certifications 210-250 Questions & Answers

  • Question 581:

    In what two ways does the pass-the-hash attack allow an attacker to gain access to workstations, servers, and key services? (Choose two.)

    A. Servers use the passed hash directly rather than computing a local version of the same password to make password hashing more efficient.

    B. These attacks allow attackers to take advantage of other systems' horizontal acknowledgment of user permissions without requiring re-authentication.

    C. Many systems will accept a hash of the user password allowing the captured hash to be used for authentication.

    D. All systems store passwords as hashes which can be interchanged among systems regardless of hashing algorithm.

    E. All hash technologies have been reversed with publicly available rainbow tables for all hashes, giving attackers an easy ability to reverse any hash.

  • Question 582:

    Which three are DNS vulnerabilities? (Choose three.)

    A. DNS cache poisoning attacks

    B. DNS resolution interception

    C. DNS amplification and reflection attacks

    D. TCP SYN flood

    E. DNS resource utilization attacks

  • Question 583:

    Why are DNS open resolvers the focus of so many malicious activities?

    A. DNS open resolvers sit inside the enterprise firewall which must pass DNS traffic making them easy attack vectors.

    B. These servers must respond to any query from any Internet host.

    C. Since DNS open resolvers belong to no administrative authority, they cannot be secured.

    D. DNS open resolvers are used by enterprises allowing the attacker an easy means to infiltrate the enterprise network.

  • Question 584:

    Which of the following is true about NetFlow?

    A. NetFlow can be deployed to replace IPS devices.

    B. NetFlow provides information about network session data.

    C. NetFlow provides user authentication information.

    D. NetFlow provides application information.

  • Question 585:

    What is DLP?

    A. An email inspection technology used to prevent phishing attacks

    B. A software or solution for making sure that corporate users do not send sensitive or critical information outside the corporate network

    C. A web inspection technology used to prevent phishing attacks

    D. A cloud solution used to provide dynamic layer protection

  • Question 586:

    Stateful and traditional firewalls can analyze packets and judge them against a set of predetermined rules called access control lists (ACLs). They inspect which of the following elements within a packet?

    A. Session headers

    B. NetFlow flow information

    C. Source and destination ports and source and destination IP addresses

    D. Protocol information

  • Question 587:

    Which of the following explains features of a traditional stateful firewall?

    A. Access control is done by application awareness and visibility.

    B. Access control is done by the five-tuple (source and destination IP addresses, source and destination ports, and protocol).

    C. Application inspection is not supported.

    D. Traditional stateful firewalls support advanced malware protection

  • Question 588:

    Which of the following describes a traditional IPS?

    A. A network security appliance or software technology that resides in stateful firewalls

    B. A network security appliance or software technology that supports advanced malware protection

    C. A network security appliance or software technology that inspects network traffic to detect and prevent security threats and exploits

    D. A virtual appliance that can be deployed with the Cisco Adaptive Security Manager (ASM)

  • Question 589:

    Which of the following statements are true when referring to network address translation (NAT)?

    A. NAT can only be used in firewalls.

    B. Static NAT does not allow connections to be initiated bidirectionally.

    C. Static NAT allows connections to be initiated bidirectionally.

    D. NAT is often used by firewalls; however, other devices such as routers and wireless access points provide support for NAT.

  • Question 590:

    Which of the following are examples of next-generation firewalls?

    A. Cisco WSA

    B. Cisco ASA 5500-X

    C. Cisco ESA

    D. Cisco Firepower 4100 Series

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 210-250 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.