最新的Cisco 600-199免費考試真題

問題1

Which event is likely to be a false positive?

A. Internet Relay Chat signature with an alert context buffer containing #IPS_ROCS Yay

B. BitTorrent activity detected on ephemeral ports

C. a signature addressing an ActiveX vulnerability alert on a Microsoft developer network documentation page

D. an alert for a long HTTP request with an alert context buffer containing a large HTTP GET request

正確答案: C

問題2

Refer to the exhibit.

Which DNS Query Types pertains to email?

A. TXT?

B. NS?

C. SOA?

D. PTR?

E. MX?

F. A?

正確答案: E

問題3

As a part of incident response, which action should be performed?

A. maintain data security and custody for future forensics use

B. custody of information

C. watch to see if the incident reoccurs

D. classify the problem

正確答案: A

問題4

Which network management protocol relies on multiple connections between a managed device and the management station where such connections can be independently initiated by either side?

A. NetFlow

B. SNMP

C. Telnet

D. SSH

正確答案: B

問題5

Refer to the exhibit.

Which two options does the following tcpdump command do? (Choose two.)

A. Read the capture from a file.

B. Capture traffic based on host 10.10.10.10 and HTTP traffic.

C. Capture traffic based on host 10.10.10.10 and everything but HTTP traffic.

D. Capture ARP traffic only.

E. Read from nvram (non-volatile) and parse the stream.

F. Write the capture as a file.

正確答案: C,F

問題6

If a company has a strict policy to limit potential confidential information leakage, which three alerts would be of concern? (Choose three.)

A. P2P activity detected

B. YouTube viewing activity detected

C. Hulu activity detected

D. Pastebin activity detected

E. Skype activity detected

正確答案: A,D,E

最新的Cisco Securing Cisco Networks with Threat Detection and Analysis - 600-199免費考試真題

聯系我們

站內鏈接

最新更新