210-250 Practice Questions

Which definition of a process in Windows is true?

Which definition of permissions in Linux is true?

Which hashing algorithm is the least secure?

Which protocol is expected to have NTP a user agent, host, and referrer headers in a packet capture?

Which definition of a daemon on Linux is true?

Which definition of vulnerability is true?

Which option is an advantage to using network-based anti-virus versus host-based anti- virus?

Which evasion method involves performing actions slower than normal to prevent detection?

Which event occurs when a signature-based IDS encounters network traffic that triggers an alert?

Which data can be obtained using NetFlow?

Which term describes the act of a user, without authority or permission, obtaining rights on a system, beyond what were assigned?

Refer to the exhibit. A TFTP server has recently been installed in the Atlanta office. The network administrator is located in the NY office and has attempted to make a connection...

Which term represents a potential danger that could take advantage of a weakness in a system?

Which security principle states that more than one person is required to perform a critical task?

You must create a vulnerability management framework. Which main purpose of this framework is true?

In computer security, which information is the term PHI used to describe?

Which security monitoring data type requires the most storage space?

Which type of exploit normally requires the culprit to have prior access to the target system?

Which identifier is used to describe the application or process that submitted a log message?

Which concern is important when monitoring NTP servers for abnormal levels of traffic?

Which protocol is primarily supported by the third layer of the Open Systems Interconnection reference model?

A firewall requires deep packet inspection to evaluate which layer?

Which two protocols are used for email (Choose two )

Which two options are recognized forms of phishing? (Choose two )

While viewing packet capture data, you notice that one IP is sending and receiving traffic for multiple devices by modifying the IP header, Which option is making this behavior pos...

Which definition of an antivirus program is true?

Which type of attack occurs when an attacker is successful in eavesdropping on a conversation between two IPS phones?

An intrusion detection system begins receiving an abnormally high volume of scanning from numerous sources. Which evasion technique does this attempt indicate?

Which type of attack occurs when an attacker utilizes a botnet to reflect requests off an NTP server to overwhelm their target?

In NetFlow records, which flags indicate that an HTTP connection was stopped by a security appliance, like a firewall, before it could be built fully?

Which definition of a fork in Linux is true?

Which two actions are valid uses of public key infrastructure? (Choose two )

Which two terms are types of cross site scripting attacks? (Choose two )

Which network device is used to separate broadcast domains?

Based on which statement does the discretionary access control security model grant or restrict access ?

Which cryptographic key is contained in an X.509 certificate?

Which two activities are examples of social engineering? (Choose two)

Which hash algorithm is the weakest?

A user reports difficulties accessing certain external web pages, When examining traffic to and from the external domain in full packet captures, you notice many SYNs that have the...

Which tool is commonly used by threat actors on a webpage to take advantage of the softwarevulnerabilitiesof a system to spread malware?

Refer to the exhibit. During an analysis this list of email attachments is found. Which files contain the same content?

Which term represents the practice of giving employees only those permissions necessary to perform their specific role within an organization?

Which term represents the chronological record of how evidence was collected- analyzed, preserved, and transferred?

Which two tasks can be performed by analyzing the logs of a traditional stateful firewall? (Choose two.)

Which security monitoring data type is associated with application server logs?

Where is a host-based intrusion detection system located?

One of the objectives of information security is to protect the CIA of information and systems. What does CIA mean in this context?

According to RFC 1035 which transport protocol is recommended for use with DNS queries?

Which definition describes the main purpose of a Security Information and Event Management solution ?

Which option is a purpose of port scanning?