Which of the following planes is important to understand for defense in depth?
A. Management plane
B. Control plane
C. User/data plane
D. Services plane
Which of the following are examples of common methods used by ciphers?
A. Transposition
B. Substitution
C. Polyalphabetic
D. Polynomial
Which is a correct description of daemon permissions?
A. Daemons run at root-level access.
B. Daemons run at super user-level access.
C. Daemons run as the init process.
D. Daemons run at different privileges, which are provided by their parent process.
Why does NAT present a challenge to security monitoring?
A. NAT can present a challenge when performing security monitoring and analyzing logs because data can be encrypted as a result of the network address translation.
B. NAT can present a challenge when performing security monitoring and analyzing logs because data can be dropped as a result of the network address translation.
C. NAT can present a challenge when performing security monitoring and analyzing logs, NetFlow, and other data because device IP addresses can be seen in the logs as the "translated" IP address versus the "real" IP address.
D. NAT can present a challenge when performing security monitoring and analyzing logs because data can be fragmented as a result of the network address translation.
Why should NTP be enabled in infrastructure devices and for security monitoring?
A. Using NTP ensures that the correct time is set and that all devices within the network are synchronized. Also, it helps to reduce the amount of duplicate logs.
B. Using NTP ensures that the network tunneling protocol is implemented with the correct encryption algorithms.
C. Using NTP ensures that the network tunneling protocol is implemented with the correct hashing algorithms.
D. Using NTP ensures that the network tunneling protocol is implemented with the correct DNS names and NetFlow records.
In which type of an attack does an attacker send falsified and spoofed resource record information to a DNS resolver?
A. DNS reflection attack
B. DNS denial of service attack
C. DNS cache poisoning
D. DNS utilization attack
What type of data can be learned about a server by performing a basic port scan on it with nmap?
A. list of patches missing from applications
B. misconfigurations of web applications allowing command injection
C. list of all open ports and services that are running
D. list of all systems that the server is communicating with
E. list of users who are logged on to the server
Which one of the following best describes an NGFW versus a standard firewall?
A. NGFWs perform various security functions, such as generating different types of logs and alerts related to suspicious activities, to protect the network from advanced attacks.
B. Standard firewalls are more secure, due to the ease of installation and deployment, and are capable of preventing all malicious activities from penetrating the network.
C. NGFWs contain the appropriate features to detect malware and detonate unknown files in a secure hard drive partition on the firewall appliance, saving the analyst time and additional equipment requirements.
D. NGFWs and standard firewalls are functionally the same. The key difference is that standard firewalls provide granular application visibility and control.
E. Standard firewalls support malware protection only.
What are two benefits of cloud-based security services? (Choose two.)
A. The cloud promotes greater optimization and utilization of assets to achieve significant cost reduction.
B. The cloud provides flexibility in the way that enterprise organizations source, deliver, and consume security services.
C. Cloud providers automatically deploy advanced threat analytics to secure confidential customer data, such as customer information.
D. With cloud-based security services, enterprise organizations can remove complex layers of on-premise security policies and procedures.
E. Migration of security services between cloud providers is easier to achieve.
What information is included in a network socket? (Select all that apply.)
A. Protocol
B. IP address
C. Port
D. MAC address
What type of password attack is characterized by trying every possible character combination until all combinations have been exhausted?
A. phishing
B. dictionary
C. brute force
D. guessing
Which statement is true about TCP reset attacks?
A. A TCP reset attack is designed to disrupt the TCP 3-way handshake.
B. A TCP reset attack terminates TCP communications between two hosts.
C. A malicious attack is always indicated when the RST bit is set to 1 in a TCP packet header.
D. In a TCP reset attack, the RST bit in the TCP packet header must be set to 1; settings for other fields in the TCP header are irrelevant.
What type of attack describes malicious JavaScript, which redirects an unsuspecting user to download malware from a remote website?
A. drive-by-download
B. session hijacking
C. SQL injection
D. denial of service
Which security monitoring data type is associated with application server logs?
A. alert data
B. statistical data
C. session data
D. transaction data