210-250 Exam Questions - Online Test
210-250 Premium VCE File
150 Lectures, 20 Hours
Q1. Which type of exploit normally requires the culprit to have prior access to the target system?
A. local exploit
B. denial of service
C. system vulnerability
D. remote exploit
Answer: A
Q2. Which definition of a process in Windows is true?
A. running program
B. unit of execution that must be manually scheduled by the application
C. database that stores low-level settings for the OS and for certain applications
D. basic unit to which the operating system allocates processor time
Answer: C
Q3. Which protocol maps IP network addresses to MAC hardware addresses so that IP packets can be sent across networks?
A. Internet Control Message Protocol
B. Address Resolution Protocol
C. Session Initiation Protocol
D. Transmission Control Protocol/Internet Protocol
Answer: A
Q4. Which option is a purpose of port scanning?
A. Identify the Internet Protocol of the target system.
B. Determine if the network is up or down
C. Identify which ports and services are open on the target host.
D. Identify legitimate users of a system.
Answer: A
Q5. Which two features must a next generation firewall include? (Choose two.)
A. data mining
B. host-based antivirus
C. application visibility and control
D. Security Information and Event Management
E. intrusion detection system
Answer: D,E
Q6. A firewall requires deep packet inspection to evaluate which layer?
A. application
B. Internet
C. link
D. transport
Answer: A
Q7. Which definition of the virtual address space for a Windows process is true?
A. actual physical location of an object in memory
B. set of virtual memory addresses that it can use
C. set of pages that are currently resident in physical memory
D. system-level memory protection feature that is built into the operating system
Answer: A
Q8. Which term represents the chronological record of how evidence was collected- analyzed, preserved, and transferred?
A. chain of evidence
B. evidence chronology
C. chain of custody
D. record of safekeeping
Answer: C
Q9. Which concern is important when monitoring NTP servers for abnormal levels of traffic?
A. Being the cause of a distributed reflection denial of service attack.
B. Users changing the time settings on their systems.
C. A critical server may not have the correct time synchronized.
D. Watching for rogue devices that have been added to the network.
Answer: C
Q10. DRAG DROP
Drag the technology on the left to the data type the technology provides on the right.
Answer:
Explanation: Tcpdump = transaction data netflow = session data
Traditional stateful firwall = connection event Web content filtering = full packet capture
- [2021-New] Cisco 300-365 Dumps With Update Exam Questions (1-10)
- Cisco 810-440 Free Practice Questions 2021
- Cisco 500-701 Dumps Questions 2021
- Practical 400-151 Braindumps 2021
- [2021-New] Cisco 300-210 Dumps With Update Exam Questions (1-10)
- [2021-New] Cisco 210-260 Dumps With Update Exam Questions (21-30)
- [2021-New] Cisco 642-997 Dumps With Update Exam Questions (31-40)
- [2021-New] Cisco 300-101 Dumps With Update Exam Questions (61-66)
- Cisco 210-065 Dumps 2021
- Cisco 210-065 Exam Questions 2021