210-250 Exam Questions
198 real 210-250 exam questions with expert-verified answers and explanations. Page 3 of 4.
- Question #104Cybersecurity Fundamentals
Which process continues to be recorded in the process table after it has ended and the status is returned to the parent?
zombie processorphan processprocess tableOS security - Question #105Threats and Vulnerabilities
For which kind of attack does an attacker use known information in encrypted files to break the encryption scheme for the rest of
known-plaintext attackcryptanalysisencryption attackssymmetric encryption - Question #106Security Technologies
In which technology is network level encrypted not natively incorporated?
Kerberosnetwork encryptionIPsecauthentication protocols - Question #107Threats and Vulnerabilities
Which purpose of command and control for network aware malware is true?
command and controlC2malware behaviorbotnet - Question #108Threats and Vulnerabilities
Which action is an attacker taking when they attempt to gain root access on the victims system?
privilege escalationroot accessattack techniquesaccess control - Question #109Threats and Vulnerabilities
Which vulnerability is an example of Shellshock?
Shellshockcommand injectionvulnerability typesbash vulnerability - Question #110Security Technologies
In which format are NetFlow records stored?
NetFlownetwork monitoringbinary formatflow data - Question #111Cybersecurity Fundamentals
A zombie process occurs when which of the following happens?
zombie processprocess tablememory managementOS concepts - Question #112Security Technologies
Early versions of the Microsoft PPTP virtual private network software used the same RC4 key for the sender and the receiver. Which attack is the network vulnerable to when a stream...
RC4stream cipherkey reuseciphertext-only attack - Question #113Security Technologies
How does NTP help with security monitoring?
NTPtime synchronizationlog correlationsecurity monitoring - Question #114Security Technologies
Which hash algorithm is cryptography used in certificate generation?
PKIcertificate generationhash algorithmsMD5 - Question #115Threats and Vulnerabilities
Which description is an example of whaling?
whalingphishingsocial engineeringspear phishing - Question #116Security Technologies
Which tool provides universal query access to text based data such as event logs and file system?
log parserevent logssecurity toolslog analysis - Question #117Security Technologies
You have deployed an enterprise-wide host/endpoint technology for all of the company corporate PCs. Management asks you to block a selected set of applications on all corporate PCs...
application whitelistingapplication blacklistingendpoint securityhost-based controls - Question #118Security Principles
What does the sum of the risks presented by an application represent for that application?
attack surfaceapplication securityrisk assessmentvulnerability - Question #119Security Technologies
The FMC can share HTML, PDF and CSV data types that relate to a specific event type. Which event type?
FMCFirepower Management Centerintrusion eventsCisco security - Question #120Security Technologies
What are two Features of NGFW:
NGFWnext-generation firewallapplication visibilityIDS - Question #121Security Technologies
How does NTP help with monitoring?
NTPtime synchronizationlog correlationsecurity monitoring - Question #122Cybersecurity Fundamentals
Which protocols is primarily supported by the 3rd layer of the OSI ref models ?
OSI modelnetwork layerIPv4IPv6 - Question #123Threats and Vulnerabilities
What Does the sum of the risk presented by an application represent for that application ?
attack surfaceapplication riskrisk assessment - Question #124Cybersecurity Fundamentals
Which protocol is primarily supported by the Fourth layer of the Open Systems Interconnection reference model?
OSI modeltransport layerTCPUDP - Question #125Cybersecurity Fundamentals
As per RFC 1035 which transport layer protocol is used for DNS zone transfer?
DNSzone transferTCPRFC 1035 - Question #126Security Technologies
Which of the following are some useful reports you can collect from Cisco ISE related to endpoints? (Select all that apply.)
Cisco ISERADIUSendpoint reportsNAC - Question #127Security Technologies
Which of the following are examples of system-based sandboxing implementations? (Select all that apply.)
sandboxingGoogle ChromiumJava JVMHTML5 iframe - Question #128Security Technologies
Which of the following are public key standards?
PKCSpublic key standardsPKIcryptography - Question #129Cybersecurity Fundamentals
which protocol helps to synchronizes and correlate events across multiple network devices:
NTPtime synchronizationnetwork protocolslog correlation - Question #130Security Principles
which security principle is violated by running all processes as root/admin
least privilegeroot accessaccess control - Question #131Cybersecurity Fundamentals
DNS query uses which protocol
DNSUDPnetwork protocols - Question #132Threats and Vulnerabilities
Which data type is the most beneficial to recreate a binary file for malware analysis
malware analysissession datanetwork forensicsdata types - Question #133Security Technologies
Which options is true when using the traffic mirror feature in a switch?
traffic mirroringSPANpacket capturenetwork monitoring - Question #134Threats and Vulnerabilities
Which term represents the likely hood of potential danger that could take advantage of a weakness in a system?
riskthreatvulnerabilitysecurity definitions - Question #135Security Technologies
You have deployed an enterprise-wide-host/endpoint technology for all of the company corporate PCs Management asks you to block a selected set application on all corporate PCs. Whi...
application whitelistingapplication blacklistingendpoint securityapplication control - Question #136Security Technologies
In which context is it inappropriate to use a hash algorithm?
hash algorithmsTelnetplaintext protocolscryptography - Question #137Security Technologies
Which purpose of the certificate revocation list is true?
CRLcertificate revocationPKIdigital certificates - Question #138Security Technologies
Company XX must filter/control some application and limited connection based on location across the network, which technology can be used?
NGFWapplication filteringgeolocation filteringnetwork security - Question #139Threats and Vulnerabilities
Which evasion method servers as an important functionality of ransomware?
ransomwareencryptionevasion techniquesmalware - Question #140Security Principles
Which NTP service is a best practice to ensure that all network devices are synchronized with a reliable and trusted time source?
NTPauthenticated NTPtime synchronizationsecurity best practices - Question #141Threats and Vulnerabilities
Which two protocols are often used for DDoS amplification attacks (choose two)
DDoSamplification attacksDNSNTP - Question #142Security Technologies
Which option is true when using the traffic mirror feature in a switch?
traffic mirroringSPAN portpacket capturenetwork monitoring - Question #143Security Principles
Which purpose of a security risk assessment is true?
risk assessmentvulnerability managementsecurity assessment - Question #144Threats and Vulnerabilities
Which vulnerability is an example of Heartbleed?
HeartbleedOpenSSLinformation disclosurevulnerability classification - Question #145Threats and Vulnerabilities
Endpoint logs indicate that a machine has obtained an unusual gateway address and unusual DNS servers via DHCP. Which option is this situation most likely an example of?
DHCP spoofingrogue DHCP serverman-in-the-middlenetwork attack - Question #146Security Technologies
Which three fields are within an X.509v3 end entity certificate? (Choose three).
X.509 certificatesPKIdigital signaturespublic key infrastructure - Question #147Security Technologies
What event types does FMC record?
Firepower Management CenterFMCevent loggingsecurity monitoring - Question #148Cybersecurity Fundamentals
A child process that's permitted to continue on its own after its parent process is terminated. What is that child process called?
orphan processprocess managementoperating systemLinux - Question #149Security Technologies
Which type of technology is used for detecting unusual patterns and anomalous behavior on a network?
NetFlowanomaly detectionbehavioral analysisnetwork monitoring - Question #150Security Technologies
What type of algorithm uses the same key to encrypt and decrypt data?
symmetric encryptioncryptographyencryption algorithms - Question #151Security Technologies
Which Statement about personal firewalls is true?
personal firewallhost-based securityfirewall capabilities - Question #152Cybersecurity Fundamentals
What Linux commands show the process for all users?
Linux commandsps commandprocess managementsystem administration - Question #153Threats and Vulnerabilities
What two types of attacks are examples of ICMP DoS attacks? (Choose two.)
ICMP attackssmurf attackping of deathDoS