Which of the following are examples of scalable, commercial, and open source log-collection and -analysis platforms? (Select all that apply.)
A. Splunk
B. Spark
C. Graylog
D. Elasticsearch, Logstash, and Kibana (ELK) Stack
Host-based firewalls are often referred to as which of the following?
A. Next-generation firewalls
B. Personal firewalls
C. Host-based intrusion detection systems
D. Antivirus software
What are some of the characteristics of next-generation firewall and next-generation IPS logging capabilities? (Select all that apply.)
A. With next-generation firewalls, you can only monitor malware activity and not access control policies.
B. With next-generation firewalls, you can monitor events for traffic that does not conform with your access control policies. Access control policies allow you to specify, inspect, and log the traffic that can traverse your network. An access control policy determines how the system handles traffic on your network.
C. Next-generation firewalls and next-generation IPSs help you identify and mitigate the effects of malware. The FMC file control, network file trajectory, and Advanced Malware Protection (AMP) can detect, track, capture, analyze, log, and optionally block the transmission of files, including malware files and nested files inside archive files.
D. AMP is supported by Cisco next-generation firewalls, but not by IPS devices.
Which of the following are characteristics of next-generation firewalls and the Cisco Firepower Management Center (FMC) in relation to incident management? (Select all that apply.)
A. They provide a list of separate things, such as hosts, applications, email addresses, and services, that are authorized to be installed or active on a system in accordance with a predetermined baseline.
B. These platforms support an incident lifecycle, allowing you to change an incident's status as you progress through your response to an attack.
C. You can create your own event classifications and then apply them in a way that best describes the vulnerabilities on your network.
D. You cannot create your own event classifications and then apply them in a way that best describes the vulnerabilities on your network.
Which of the following are true regarding full packet capture?
A. Full packet capture demands great system resources and engineering efforts, not only to collect the data and store it, but also to be able to analyze it. That is why, in many cases, it is better to obtain network metadata by using NetFlow.
B. Full packet captures can be discarded within seconds of being collected because they are not needed for forensic activities.
C. NetFlow and full packet captures serve the same purpose.
D. Most sniffers do not support collecting broadcast and multicast traffic.
What is an application blacklist?
A. A list of different entities that have been determined to be malicious
B. A list of different entities that have been determined to be false positives
C. A list of different malicious websites and hosts
D. A list of different domains that are known to host malware
Which of the following is software that can enable you to encrypt files on your hard disk drive?
A. BitCrypt
B. CryptoWall
C. CryptoLocker
D. BitLocker
To effectively protect your emails, you should make sure of which of the following?
A. All your email messages are sent to a sandbox to be evaluated before reaching their destination.
B. The connection to your email provider or email server is actually encrypted.
C. Your actual email messages are encrypted.
D. Your stored, cached, or archived email messages are also protected.
Why should you enable Network Time Protocol (NTP) when you collect logs from network devices?
A. To make sure that network and server logs are collected faster.
B. Syslog data is useless if it shows the wrong date and time. Using NTP ensures that the correct time is set and that all devices within the network are synchronized.
C. By using NTP, network devices can record the time for certificate management.
D. NTP is not supported when collecting logs from network infrastructure devices.
Cisco ASA supports which of the following types of logging? (Select all that apply.)
A. Console logging
B. Terminal logging
C. ASDM logging and Email logging
D. External syslog server logging
Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only Cisco exam questions, answers, and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 210-250 exam preparation and Cisco certification application, do not hesitate to visit Vcedump.com to find your solutions here.