210-250 Exam Questions
198 real 210-250 exam questions with expert-verified answers and explanations. Page 1 of 4.
- Question #1Cybersecurity Fundamentals
Which definition of a process in Windows is true?
Windows processesOS conceptsprocess definition - Question #2Cybersecurity Fundamentals
Which definition of permissions in Linux is true?
Linux permissionsfile ownershipaccess control - Question #3Security Technologies
Which hashing algorithm is the least secure?
hashing algorithmsMD5cryptographic strengthhash security - Question #4Security Technologies
Which protocol is expected to have NTP a user agent, host, and referrer headers in a packet capture?
HTTP headerspacket captureprotocol identificationnetwork protocols - Question #5Cybersecurity Fundamentals
Which definition of a daemon on Linux is true?
Linux daemonbackground processesOS concepts - Question #6Threats and Vulnerabilities
Which definition of vulnerability is true?
vulnerability definitionunpatched weaknesssecurity concepts - Question #7Security Technologies
Which option is an advantage to using network-based anti-virus versus host-based anti- virus?
network antivirushost-based antivirusunmanaged devicesendpoint security - Question #8Threats and Vulnerabilities
Which evasion method involves performing actions slower than normal to prevent detection?
timing attackIDS evasionevasion techniquesslow-rate attack - Question #9Security Technologies
Which event occurs when a signature-based IDS encounters network traffic that triggers an alert?
signature-based IDSintrusion detectionintrusion eventalert types - Question #10Security Technologies
Which data can be obtained using NetFlow?
NetFlowsession datanetwork monitoringtraffic analysis - Question #11Threats and Vulnerabilities
Which term describes the act of a user, without authority or permission, obtaining rights on a system, beyond what were assigned?
privilege escalationunauthorized accessaccess control - Question #12Cybersecurity Fundamentals
Refer to the exhibit. A TFTP server has recently been installed in the Atlanta office. The network administrator is located in the NY office and has attempted to make a connection...
TFTPDHCPnetwork troubleshootingIP addressing - Question #13Threats and Vulnerabilities
Which term represents a potential danger that could take advantage of a weakness in a system?
threat definitionsecurity conceptsweakness exploitation - Question #14Security Principles
Which security principle states that more than one person is required to perform a critical task?
separation of dutiessecurity principlescritical task control - Question #15Threats and Vulnerabilities
You must create a vulnerability management framework. Which main purpose of this framework is true?
vulnerability managementrisk mitigationvulnerability lifecycleframework - Question #16Security Principles
In computer security, which information is the term PHI used to describe?
PHIprotected health informationdata classificationcompliance - Question #17Security Technologies
Which security monitoring data type requires the most storage space?
full packet capturesecurity monitoringdata typesstorage requirements - Question #18Threats and Vulnerabilities
Which type of exploit normally requires the culprit to have prior access to the target system?
local exploitremote exploitexploit typesprior access - Question #19Security Technologies
Which identifier is used to describe the application or process that submitted a log message?
syslogfacility fieldlog managementlog format - Question #20Threats and Vulnerabilities
Which concern is important when monitoring NTP servers for abnormal levels of traffic?
NTP amplificationDDoS reflection attacktraffic anomalynetwork monitoring - Question #21Cybersecurity Fundamentals
Which protocol is primarily supported by the third layer of the Open Systems Interconnection reference model?
OSI modelnetwork layerIPv4IPv6 - Question #22Security Technologies
A firewall requires deep packet inspection to evaluate which layer?
firewalldeep packet inspectionOSI layersapplication layer - Question #23Cybersecurity Fundamentals
Which two protocols are used for email (Choose two )
email protocolsIMAPSMTPapplication protocols - Question #24Threats and Vulnerabilities
Which two options are recognized forms of phishing? (Choose two )
phishingspear phishingwhalingsocial engineering - Question #25Cybersecurity Fundamentals
While viewing packet capture data, you notice that one IP is sending and receiving traffic for multiple devices by modifying the IP header, Which option is making this behavior pos...
NATIP headerpacket capturenetwork address translation - Question #26Security Technologies
Which definition of an antivirus program is true?
antivirusmalware detectionendpoint security - Question #27Threats and Vulnerabilities
Which type of attack occurs when an attacker is successful in eavesdropping on a conversation between two IPS phones?
man-in-the-middleeavesdroppingVoIP securityattack types - Question #28Threats and Vulnerabilities
An intrusion detection system begins receiving an abnormally high volume of scanning from numerous sources. Which evasion technique does this attempt indicate?
IDS evasionresource exhaustionport scanningdenial of service - Question #29Threats and Vulnerabilities
Which type of attack occurs when an attacker utilizes a botnet to reflect requests off an NTP server to overwhelm their target?
DDoSbotnetNTP amplificationreflection attack - Question #30Security Technologies
In NetFlow records, which flags indicate that an HTTP connection was stopped by a security appliance, like a firewall, before it could be built fully?
NetFlowTCP flagsRST flagfirewall blocking - Question #31Cybersecurity Fundamentals
Which definition of a fork in Linux is true?
Linuxforkprocess managementoperating system - Question #32Security Technologies
Which two actions are valid uses of public key infrastructure? (Choose two )
PKIcertificate revocationcertificate validationpublic key infrastructure - Question #33Threats and Vulnerabilities
Which two terms are types of cross site scripting attacks? (Choose two )
XSSstored XSSreflected XSSweb attacks - Question #34Cybersecurity Fundamentals
Which network device is used to separate broadcast domains?
routerbroadcast domainnetwork segmentationlayer 3 - Question #35Security Principles
Based on which statement does the discretionary access control security model grant or restrict access ?
discretionary access controlDACaccess control modelsobject owner - Question #36Security Technologies
Which cryptographic key is contained in an X.509 certificate?
X.509 certificatepublic keyPKIasymmetric cryptography - Question #37Threats and Vulnerabilities
Which two activities are examples of social engineering? (Choose two)
social engineeringpretextingphishingcredential harvesting - Question #38Security Technologies
Which hash algorithm is the weakest?
hash algorithmsSHA-1cryptographic weaknesshashing - Question #39Threats and Vulnerabilities
A user reports difficulties accessing certain external web pages, When examining traffic to and from the external domain in full packet captures, you notice many SYNs that have the...
TCP injectionpacket analysissequence numbersfull packet capture - Question #40Threats and Vulnerabilities
Which tool is commonly used by threat actors on a webpage to take advantage of the softwarevulnerabilitiesof a system to spread malware?
exploit kitmalware distributionweb-based attacksvulnerability exploitation - Question #41Cybersecurity Fundamentals
Refer to the exhibit. During an analysis this list of email attachments is found. Which files contain the same content?
file hashinghash comparisondigital forensicsemail analysis - Question #42Security Principles
Which term represents the practice of giving employees only those permissions necessary to perform their specific role within an organization?
least privilegeaccess controlpermissionsauthorization - Question #43Cybersecurity Fundamentals
Which term represents the chronological record of how evidence was collected- analyzed, preserved, and transferred?
chain of custodydigital forensicsevidence handlingincident response - Question #44Security Technologies
Which two tasks can be performed by analyzing the logs of a traditional stateful firewall? (Choose two.)
stateful firewalllog analysisTCP 5-tupleNAT - Question #45Cybersecurity Fundamentals
Which security monitoring data type is associated with application server logs?
security monitoringtransaction dataapplication logslog classification - Question #46Security Technologies
Where is a host-based intrusion detection system located?
HIDShost-based IDSendpoint securityintrusion detection - Question #47Security Principles
One of the objectives of information security is to protect the CIA of information and systems. What does CIA mean in this context?
CIA triadconfidentialityintegrityavailability - Question #48Cybersecurity Fundamentals
According to RFC 1035 which transport protocol is recommended for use with DNS queries?
DNSUDPnetwork protocolsRFC 1035 - Question #49Security Technologies
Which definition describes the main purpose of a Security Information and Event Management solution ?
SIEMlog correlationevent managementsecurity monitoring - Question #50Threats and Vulnerabilities
Which option is a purpose of port scanning?
port scanningreconnaissancenetwork enumerationvulnerability assessment