Exam Details

  • Exam Code: 210-255
  • Exam Name: Cisco Cybersecurity Operations
  • Certification: Cisco Certified CyberOps Associate
  • Vendor: Cisco
  • Total Questions: 224 Q&As
  • Last Updated: Nov 03, 2022

Cisco Certified CyberOps Associate 210-255 Questions & Answers

  • Question 171:

    Which description of a retrospective malware detection is true?

    A. You use Wireshark to identify the malware source.

    B. You use historical information from one or more sources to identify the affected host or file.

    C. You use information from a network analyzer to identify the malware source.

    D. You use Wireshark to identify the affected host or file.

  • Question 172:

    A CMS plugin creates two files that are accessible from the Internet: myplugin.html and exploitable.php. A newly discovered exploit takes advantage of an injection vulnerability in exploitable.php. To exploit the vulnerability, one must send an HTTP POST with specific variables to exploitable.php. You see traffic to your webserver that consists of only HTTP GET requests to myplugin.html. Which category best describes this activity?

    A. weaponization

    B. exploitation

    C. installation

    D. reconnaissance

  • Question 173:

    Which CVSSv3 metric value increases when attacks consume network bandwidth, processor cycles, or disk space?

    A. confidentiality

    B. integrity

    C. availability

    D. complexity

  • Question 174:

    Which Security Operations Center's goal is to provide incident handling to a country?

    A. Coordination Center

    B. Internal CSIRT

    C. National CSIRT

    D. Analysis Center

  • Question 175:

    Which feature is used to find possible vulnerable services running on a server?

    A. CPU utilization

    B. security policy

    C. temporary internet files

    D. listening ports

  • Question 176:

    Which identifies both the source and destination location?

    A. IP address

    B. URL

    C. ports

    D. MAC address

  • Question 177:

    Which type of analysis assigns values to scenarios to see what the outcome might be in each scenario?

    A. deterministic

    B. exploratory

    C. probabilistic

    D. descriptive

  • Question 178:

    Refer to the Exhibit. A customer reports that they cannot access your organization's website. Which option is a possible reason that the customer cannot access the website?

    A. The server at 10.33.1.5 is using up too much bandwidth causing a denial-of-service.

    B. The server at 10.67.10.5 has a virus.

    C. A vulnerability scanner has shown that 10.67.10.5 has been compromised.

    D. Web traffic sent from 10.67.10.5 has been identified as malicious by Internet sensors.

  • Question 179:

    A user on your network receives an email in their mailbox that contains a malicious attachment. There is no indication that the file was run. Which category as defined in the Diamond Model of Intrusion does this activity fall under?

    A. reconnaissance

    B. weaponization

    C. delivery

    D. installation

  • Question 180:

    You receive an alert for malicious code that exploits Internet Explorer and runs arbitrary code on the site visitor's machine. The malicious code is on an external site that is being visited by hosts on your network. Which user agent in the HTTP headers in the requests from your internal hosts warrants further investigation?

    A. Mozilla/5.0 (compatible, MSIE 10.0, Windows NT 6.2, Trident 6.0)

    B. Mozilla/5.0 (X11; Linux i686; rv: 1.9.2.20) Gecko/20110805

    C. Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 4O0) Gecko/20100101

    D. Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16
