600-199 Exam Details

  • Exam Code
    :600-199
  • Exam Name
    :Securing Cisco Networks with Threat Detection and Analysis
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :58 Q&As
  • Last Updated
    :Dec 14, 2021

Cisco 600-199 Online Questions & Answers

  • Question 1:

    The IHL is a 4-bit field containing what measurement?

    A. the number of 32-bit words in the IP header
    B. the size of the IP header, in bytes
    C. the size of the entire IP datagram, in bytes
    D. the number of bytes in the IP header
    E. the number of 32-bit words in the entire IP datagram

  • Question 2:

    After an attack has occurred, which two options should be collected to help remediate the problem? (Choose two.)

    A. packet captures
    B. NAT translation table
    C. syslogs from affected devices
    D. connection table information
    E. NetFlow data

  • Question 3:

    For TCP and UDP, what is the correct range of well-known port numbers?

    A. 0 - 1023
    B. 1 - 1024
    C. 1 - 65535
    D. 0 - 65535
    E. 024 - 65535

  • Question 4:

    Refer to the exhibit.

    Exhibit: 3240

    Which two personal administrators should be involved to investigate further? (Choose two.)

    A. email administrator
    B. IPS administrator
    C. DNS administrator
    D. desktop administrator
    E. security administrator

  • Question 5:

    Which two measures would you recommend to reduce the likelihood of a successfully executed network attack from the Internet? (Choose two.)

    A. Completely disconnect the network from the Internet.
    B. Deploy a stateful edge firewall.
    C. Buy an insurance policy against attack-related business losses.
    D. Implement a password management policy for remote users.

  • Question 6:

    Which action is recommended to prevent an incident from spreading?

    A. Shut down the switch port.
    B. Reboot the system.
    C. Reboot the switch.
    D. Reboot the router.

  • Question 7:

    Which step should be taken first when a server on a network is compromised?

    A. Refer to the company security policy.
    B. Email all server administrators.
    C. Determine which server has been compromised.
    D. Find the serial number of the server.

  • Question 8:

    If a company has a strict policy to limit potential confidential information leakage, which three alerts would be of concern? (Choose three.)

    A. P2P activity detected
    B. Skype activity detected
    C. YouTube viewing activity detected
    D. Pastebin activity detected
    E. Hulu activity detected

  • Question 9:

    Which three tools should be used for incident response? (Choose three.)

    A. screwdriver
    B. sniffer
    C. antivirus/anti-malware software
    D. video player
    E. CPU
    F. RAM

  • Question 10:

    What is the purpose of the TCP SYN flag?

    A. to sequence each byte of data in a TCP connection
    B. to synchronize the initial sequence number contained in the Sequence Number header field with the other end of the connection
    C. to acknowledge outstanding data relative to the byte count contained in the Sequence Number header field
    D. to sequence each byte of data in a TCP connection relative to the byte count contained in the Sequence Number header field

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 600-199 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.