What are two security goals of data normalization? (Choose two.)
A. purge redundant data
B. reduce size of data on disk
C. increase data exposure
D. maintain data integrity
E. create data for abstraction
Which statement about the collected evidence data when performing digital forensics is true?
A. It must be preserved and its integrity verified.
B. It must be copied to external storage media and immediately distributed to the CISO.
C. It must be deleted as soon as possible due to PCI compliance.
D. It must be stored in a forensics lab only by the data custodian.
Which incident handling phase is focused on minimizing the impact of the incident?
A. reporting
B. remediation
C. containment
D. scoping
Refer to the exhibit.
Which host is likely connecting to a malicious site?
A. 10.0.1.10
B. 10.0.1.1
C. 10.0.1.2
D. 10.0.1.20
Which file system has 32 bits assigned to the address clusters of the allocation table?
A. FAT32
B. NTFS
C. EXT4
D. FAT16
Which Cyber Kill Chain Model category does attacking a vulnerability belong to?
A. Exploitation
B. Action on Objectives
C. Installation
D. Delivery
According to NIST SP800-86, which action describes volatile data collection?
A. collection of data before a system reboot
B. collection of data that contains malware
C. collection of data during a system reboot
D. collection of data after a system reboot
What are the metric values for confidentiality impact in the CVSS v3.0 framework?
A. high, low
B. high, low, none
C. high, medium, none
D. open, closed, obsolete
You have a video of a suspect entering a data center that was captured on the same day that files in the same data center were transferred to a competitor. Which type of evidence is this?
A. indirect evidence
B. prima facie evidence
C. best evidence
D. physical evidence
What information is unnecessary for determining the appropriate containment strategy according to NIST SP800-61 r2?
A. attack vector used to compromise the system
B. effectiveness of the strategy
C. time and resources needed to implement the strategy
D. need for evidence preservation