Cisco 210-250 Online Practice Questions and Exam Preparation

Cisco 210-250 Online Questions & Answers

• Question 931:

  Why can't ESP packets be transferred by NAT devices?

  A. Because ESP packets are too big to handle.
  B. Because the ESP protocol does not have any ports like TCP or UDP.
  C. Because ESP packets are encrypted.
  D. ESP is supported in NAT devices.
  B. Because the ESP protocol does not have any ports like TCP or UDP.

• Question 932:

  What is an advantage of network-based antimalware compared to a host-based solution?

  A. It can block malware at the entry point.
  B. It can check the integrity of a file on the host.
  C. It can receive a signature and reputation from the cloud.
  D. It can use a heuristic engine for malware detection.
  A. It can block malware at the entry point.

• Question 933:

  What are two ways that packet fragmentation can allow an attacker to evade an IPS sensor? (Choose two.)

  A. IPS sensors cannot perform fragmentation and reassembly, forcing them to permit fragmented packets through the IPS sensor.
  B. IPS sensors that do not reassemble fragmented packets may fail to recognize the payload as an attack.
  C. Packet fragments hide the destination address of the payload, preventing the IPS from learning the hosts being attacked.
  D. IPS sensors may interpret fragments differently than end hosts, allowing attacks through the sensor.
  E. Setting the DNF-bit can force the IPS sensor to permit packets sent to it as a sequence of fragments, because the IPS sees them as error frames.
  B. IPS sensors that do not reassemble fragmented packets may fail to recognize the payload as an attack.
  D. IPS sensors may interpret fragments differently than end hosts, allowing attacks through the sensor.

• Question 934:

  A traffic substitution and insertion attack does which of the following?

  A. Substitutes the traffic with data in a different format but with the same meaning
  B. Substitutes the payload with data in the same format but with a different meaning, providing a new payload
  C. Substitutes the payload with data in a different format but with the same meaning, not modifying the payload
  D. Substitutes the traffic with data in the same format but with a different meaning
  C. Substitutes the payload with data in a different format but with the same meaning, not modifying the payload

• Question 935:

  What phase of the TCP communication process is attacked during a TCP SYN flood attack?

  A. three-way handshake
  B. connection established
  C. connection closed
  D. connection reset
  A. three-way handshake

• Question 936:

  Which of the following is an example of a remote-access VPN client?

  A. Cisco Encrypted Tunnel Client
  B. Cisco AnyConnect Secure Mobility Client
  C. Cisco ASA Client
  D. Cisco Firepower Client
  B. Cisco AnyConnect Secure Mobility Client

• Question 937:

  The application layer of the TCP/IP model corresponds to which of the following three layers of the OSI model? (Choose three.)

  A. application
  B. transport
  C. session
  D. presentation
  E. data link
  A. application
  C. session
  D. presentation

• Question 938:

  Which two best describe iFrames? (Choose two.)

  A. a new Apple product
  B. hidden inline frames
  C. loading a webpage inside another webpage
  D. a frame within a browser where a user can view the page's source code
  B. hidden inline frames
  C. loading a webpage inside another webpage

• Question 939:

  Which two of the following protocols are most commonly found in AAA? (Choose two.)

  A. TCP/IP
  B. TACACS+
  C. OSPF MD5
  D. RADIUS
  E. IPSEC
  B. TACACS+
  D. RADIUS

• Question 940:

  Which one of the following options is used to pass VLAN information between two different switches?

  A. 802.1D
  B. 802.1W
  C. 802.1Q
  D. a routing protocol, such as EIGRP or OSPF
  E. the spanning tree protocol
  C. 802.1Q