Exam Details

  • Exam Code: 210-250
  • Exam Name: Cisco Cybersecurity Fundamentals
  • Certification: Cisco Certifications
  • Vendor: Cisco
  • Total Questions: 1157 Q&As
  • Last Updated: Nov 03, 2022

Cisco Cisco Certifications 210-250 Questions & Answers

  • Question 701:

    Which two of the following statements are correct about blacklists and whitelists? (Choose two.)

    A. Whitelists are used only to identify IP addresses to be permitted.

    B. A blacklist can identify IP addresses, applications, domains, or URLs to be explicitly denied.

    C. Whitelisting denies all traffic that is not explicitly permitted.

    D. Whitelisting applications will always stop the malware payloads.

  • Question 702:

    Which one of the following statements is true about host-based IPS (HIPS)?

    A. HIPS and antivirus solutions are the same thing.

    B. HIPS combines the capabilities of antivirus, antispyware, and personal firewall software.

    C. HIPS protects the host on which it is installed from known attacks only.

    D. If antivirus software is installed on a system, HIPS does not need to be installed.

  • Question 703:

    What is the reason that most anti-virus solutions cannot detect zero-day attacks?

    A. They use anomaly-based detection.

    B. They use signature-based detection.

    C. They use behavior-based detection.

    D. They use a sandbox to run the file.

  • Question 704:

    What is the attacker trying to gain by turning off the Windows Firewall on the victim's Windows machine?

    A. allow unsolicited incoming connections to the victim's machine

    B. block all outgoing connections from the victim's machine

    C. enable the victim's machine to send outbound CnC traffic back to the attacker's infrastructure

    D. allow a VPN connection from the victim's machine to the attacker's CnC server

  • Question 705:

    Which two of the following statements are true about host-based anti-virus software? (Choose two.)

    A. User identity detection is embedded in most antivirus software code.

    B. Most antivirus software uses signature-based malware detection.

    C. Antivirus software is wholly dependent on running scans to find malware that has already obtained a foothold on a system.

    D. Antivirus software may use heuristics with other methods to detect malware.

  • Question 706:

    The Cisco Web Security Appliance (Cisco WSA) can be both a physical and virtual instance. Which two of the following options are hypervisors that are currently supported in a virtual implementation of Cisco WSA? (Choose two.)

    A. Citrix XenServer

    B. Oracle VM Server for x86

    C. VMware ESXi

    D. Nutanix Acropolis

    E. Kernel-Based Virtual Machine

  • Question 707:

    The OSSEC tool is which type of security tool?

    A. NetFlow Collector

    B. IPS

    C. IDS

    D. HIDS

    E. Firewall

  • Question 708:

    Which Linux security control should be used with a personal firewall to provide an additional layer of protection at the application layer, and to permit or deny access to a specific service?

    A. TCP wrappers

    B. iptables

    C. uncomplicated firewall (UFW)

    D. host-based IPS

  • Question 709:

    Regarding the Cisco CTA dashboard, what is the primary purpose of the "relative threat exposure"?

    A. Using a single pane, it quickly identifies which device on the network is compromised.

    B. It provides an instant view into existing CnC channels within the network infrastructure.

    C. It answers the question, "Who has infiltrated the network?"

    D. It answers the question, "How is my organization doing as it relates to others?"

    E. It identifies which known CVE vulnerabilities are present within the configured network devices, including routers, switches, and NGFWs.

  • Question 710:

    What NGFW feature supports inspection of SSL-based traffic?

    A. user or user group policies

    B. intelligent security automation, correlating different event data and payloads

    C. ESP packet payload enforcement policies

    D. SSL/TLS traffic flow analysis

    E. malware protection
