Cisco 210-255 Online Practice Questions and Exam Preparation

Cisco 210-255 Online Questions & Answers

• Question 201:

  Which option is unnecessary for determining the appropriate containment strategy according to NIST.SP800-61 r2?

  A. effectiveness of the strategy
  B. time and resource needed to implement the strategy
  C. need for evidence preservation
  D. attack vector used to compromise the system
  D. attack vector used to compromise the system

• Question 202:

  During which phase of the forensic process is data that is related to a specific event labeled and recorded to preserve its integrity?

  A. collection
  B. examination
  C. reporting
  D. investigation
  A. collection

• Question 203:

  Which type of intrusion event is an attacker retrieving the robots. txt file from target site?

  A. exploitation
  B. weaponization
  C. scanning
  D. reconnaissance
  D. reconnaissance

• Question 204:

  In VERIS, an incident is viewed as a series of events that adversely affects the information assets of an organization. Which option contains the elements that every event is comprised of according to VERIS incident model'?

  A. victim demographics, incident description, incident details, discovery and response
  B. victim demographics, incident details, indicators of compromise, impact assessment
  C. actors, attributes, impact, remediation
  D. actors, actions, assets, attributes
  D. actors, actions, assets, attributes

• Question 205:

  Which regular expression matches "color" and "colour"?

  A. col[0-9]+our
  B. colo?ur
  C. colou?r
  D. ]a-z]{7}
  C. colou?r

• Question 206:

  attacker using robots.txt is under which category?

  A. Reconnaissance
  B. Weaponization
  C. Delivery
  D. Exploitation
  E. Installation
  F. Command and control (C2)
  G. Actions on objectives
  A. Reconnaissance

• Question 207:

  What is the definition of integrity according to CVSSv3 framework?

  A. This metric measures the impact to the confidentiality of the information resources that are managed by a software component due to a successfully exploited vulnerability.
  B. This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information.
  C. This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability.
  B. This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information.

• Question 208:

  DRAG DROP

  Drag and drop the type of evidence from the left onto the correct description(s) of that evidence on the right.

  Select and Place:

  

  

• Question 209:

  Which two goals of data normalization are true? (Choose two.)

  A. Eliminate update anomalies.
  B. Eliminate redundant data.
  C. Increase integrity of data.
  D. Increase redundancy of data.
  E. Increase data availability.
  B. Eliminate redundant data.
  C. Increase integrity of data.

• Question 210:

  When incident data is collected, it is important that evidentiary cross-contamination is prevented. How is this accomplished?

  A. by allowing unrestricted access to impacted devices
  B. by not allowing items of evidence to physically touch
  C. by ensuring power is removed to all devices involved
  D. by not permitting a device to store evidence if it is the evidence itself.
  D. by not permitting a device to store evidence if it is the evidence itself.