Cisco 210-250 Online Practice Questions and Exam Preparation

Cisco 210-250 Online Questions & Answers

• Question 581:

  Why you should enable Network Time Protocol (NTP) when you collect logs from network devices?

  A. To make sure that network and server logs are collected faster.
  B. Syslog data is useless if it shows the wrong date and time. Using NTP ensures that the correct time is set and that all devices within the network are synchronized.
  C. By using NTP, network devices can record the time for certificate management.
  D. NTP is not supported when collecting logs from network infrastructure devices.
  B. Syslog data is useless if it shows the wrong date and time. Using NTP ensures that the correct time is set and that all devices within the network are synchronized.

• Question 582:

  Which term is a file that contains path information to another file or directory?

  A. URL
  B. file system
  C. directory tree
  D. symlinks
  D. symlinks

• Question 583:

  What does Common Vulnerabilities and Exposures represent?

  A. vulnerability exposure index
  B. vulnerability identifier
  C. common vulnerability scanning system
  D. vulnerability scoring system
  B. vulnerability identifier

• Question 584:

  Which concern is important when monitoring NTP servers for abnormal levels of traffic?

  A. Being the cause of a distributed reflection denial of service attack.
  B. Users changing the time settings on their systems.
  C. A critical server may not have the correct time synchronized.
  D. Watching for rogue devices that have been added to the network.
  A. Being the cause of a distributed reflection denial of service attack.

• Question 585:

  Which evasion method may be in use when TLS is observed between two endpoints?

  A. X.509 certificate authentication
  B. encryption
  C. traffic insertion
  D. tunneling
  D. tunneling

• Question 586:

  In the context of configuration management, which of the following best defines a security baseline configuration?

  A. A configuration that has been formally reviewed and approved
  B. The default configuration from the device vendor
  C. A configuration that can be changed without a formal approval
  D. The initial server configuration
  A. A configuration that has been formally reviewed and approved

• Question 587:

  Who is ultimately responsible for security control of an asset?

  A. Senior management
  B. Data custodian
  C. User
  D. System administrator
  A. Senior management

• Question 588:

  When Cisco AMP for Endpoints detects that an unknown file has been received on an endpoint, what does it do with the file?

  A. submits the file to the cloud for future analysis
  B. deletes the file
  C. executes the file to determine if it is malicious or not
  D. performs a file trajectory to determine which other systems have seen the same file
  A. submits the file to the cloud for future analysis

• Question 589:

  When issuing the command ls -l (filename), what is the correct order of user permissions?

  A. file
  B. owner
  C. chown
  D. chmod
  C. chown

• Question 590:

  How can the established keyword in an ACL entry be used?

  A. to permit only the returning TCP packets from an already existing TCP connection, and deny the initial TCP packet of a new session from an untrusted network
  B. to permit both the initial TCP packet of a new session and the returning TCP packets from an existing TCP connection
  C. to permit only the initial TCP packet of a new session
  D. to change a router into a true stateful firewall controlling the access on a session-by-session basis
  A. to permit only the returning TCP packets from an already existing TCP connection, and deny the initial TCP packet of a new session from an untrusted network