最新的Cisco 210-255免費考試真題

問題1

Refer to the exhibit. Which host is likely connecting to a malicious site?

A. 10.0.12

B. 10.0.1.1

C. 10.0.1.20

D. 10.0.1.10

正確答案: B

問題2

Which value in profiling servers in a system is true?

A. it can protect the address space of critical hosts.

B. it can identify servers that have been exploited

C. it can identify when network ports have been connected

D. it can identify when network performance has decreased

正確答案: B

問題3

Which of the following is typically a responsibility of a PSIRT?

A. Monitor security logs

B. Configure the organization's firewall

C. Disclose vulnerabilities in the organization's products and services

D. Investigate security incidents in a security operations center (SOC)

正確答案: C

問題4

A user on your network receives an email in their mailbox that contains a malicious attachment.
There is no indication that the file was run. Which category as defined in the Diamond Model of Intrusion does this activity fall under?

A. weaponization

B. delivery

C. installation

D. reconnaissance

正確答案: B

問題5

To which category do attributes belong within the VERIS schema?

A. victim demographics

B. incident description

C. incident tracking

D. Discovery and response

正確答案: B

問題6

Employees are allowed access to internal websites. An employee connects to an internal website and IDS reports it as malicious behavior. What is this example of?

A. true negative

B. false negative

C. true positive

D. false positive

正確答案: D

問題7

What define the roadmap for implementing the incident response plan?

A. Incident response policy

B. Incident response plan

C. Incident response procedures

正確答案: B

問題8

Which two options can be used by a threat actor to determine the role of a server? (Choose two.)

A. applications

B. hard drive configuration

C. tracert

D. running processes

E. PCAP

正確答案: A,D

問題9

Which option has a drastic impact on network traffic because it can cause legitimate traffic to be blocked?

A. true negative

B. false negative

C. true positive

D. false positive

正確答案: D

問題10

Refer to the exhibit. Which item is depicted in this output?

A. NetFlow data

B. VLAN 10 traffic

C. packet capture exported text

D. Windows Security audit log

正確答案: A

問題11

Which function does an internal CSIRT provide?

A. incident handling services across various CSIRTs

B. incident handling services for a parent organization

C. incident handling services for a country's government

D. incident handling services as a service for other organization

正確答案: B

問題12

According to NIST 86, which action describes the volatile data collection?

A. Collect data while rebooting

B. Collect data that contains malware

C. Collect data before system reboot

D. Collect data after rebooting

正確答案: C

最新的Cisco Implementing Cisco Cybersecurity Operations - 210-255免費考試真題

聯系我們

站內鏈接

最新更新