Which statement explains the primary difference between reputation-based detection and anomaly-based detection methods?
A. Over time, reputation-based detection will learn and evaluate patterns that could indicate suspicious activity.
B. Anomaly-based detection leverages use of a "signature" to determine whether suspicious activity is occurring.
C. Reputation-based detection allows the IPS to block all traffic from known bad sources before any significant inspection is done.
D. Anomaly-based detection is faster than reputation-based detection.
E. Reputation-based detection leverages use of a "signature" to determine whether suspicious activity is occurring.
Which one of the following statements best describes the primary IPS mechanism used in rule-based detection to help stop attackers from compromising systems?
A. The geo-location database can be installed to filter specific countries, based on reputation scores.
B. IPS rule-sets evaluate various network activities over a long period, allowing rule-based detection configuration to automatically update its rule-set.
C. Rule-based detection, using updated IPS signature files, can be leveraged to stop attackers from malicious activity.
D. Complex ACLs can be applied to the WAN-facing interfaces, allowing rule-based detection to inspect traffic as it enters the sensor.
E. By deploying NAT on WAN-facing interfaces and working with rule-based detection methods, malicious activity can be inspected and blocked before it is sent to internal network resources.
Which two of the following pins are usually monitored by a network tap? (Choose two.)
A. Rx pin on the inbound traffic
B. Tx pin on the inbound traffic
C. Rx pin on the outbound traffic
D. Tx pin on the outbound traffic
E. Both Rx and Tx pins; inbound or outbound traffic flows do not apply.
Which two of the following options are other common names for SPAN? (Choose two.)
A. port multiplexing
B. port mirroring
C. port channeling
D. port monitoring
E. port failover
Which one of the following options describes the steps to enable a SPAN configuration?
A. The destination port is configured, then the source port.
B. Create a VLAN, then assign the destination port to span traffic to the console port.
C. Define the source port or VLAN, then select the destination port.
D. Configure port mirroring via configuration mode, then define the source traffic port.
E. Configure port monitoring via ROMMON mode, then define the source traffic port.
Which is a key requirement for the RSPAN feature to work across a network?
A. All switches must belong to the same management network address range.
B. Trunk ports must connect all switches from the source port to the destination port of the RSPAN.
C. All ports on source and destination switches must be configured as access ports.
D. All switches must reside in the same VTP domain.
E. All network devices must be the same model and run the same IOS version.
Cisco ASA firewalls are advanced stateful firewalls. Which two advanced features can be found in these devices? (Choose two.)
A. botnet traffic filtering
B. ATM cell filtering
C. malware detonation using the embedded hard drive
D. network address translation mechanisms
E. RIPv2 payload encryption mechanisms
Which three of the following statements best describe the limitations of network taps? (Choose three.)
A. Separate Rx and Tx make it difficult to determine which side of the connection sent the traffic.
B. Taps that are inserted at the physical layer can impact the performance on the inserted link.
C. Taps are unable to filter traffic.
D. Separating Rx and Tx requires multiple NICs to capture both sides of the connection.
E. Taps are expensive.
Which two of the following protocols are most commonly found in AAA? (Choose two.)
A. TCP/IP
B. TACACS+
C. OSPF MD5
D. RADIUS
E. IPSEC
Which two of the following are measures of posture compliance used by identity and access management systems? (Choose two.)
A. user name
B. OS patch levels
C. IP address
D. antivirus version
E. access group