210-250byomarjoseph143qlastupdate22may2018.pdf


D. It is any potential danger to an asset.
Correct Answer: A

QUESTION 91
NetFlow uses which format?
A. Base 10
B. ASCII
C. Binary
D. Hexadecimal
Correct Answer: C

QUESTION 92
After a large influx of network traffic to externally facing devices, you begin investigating what appears to be a denial of service attack. When you review packet capture data, you notice that the traffic is a single SYN packet to each port. Which kind of attack is this?
A. SYN flood
B. Host profiling
C. Traffic fragmentation
D. Port scanning
Correct Answer: D

QUESTION 93
In NetFlow records, which flags indicate that an HTTP connection was stopped by a security appliance, like a firewall, before it could be built fully?
A. ACK
B. SYN ACK
C. RST
D. PSH, ACK
Correct Answer: D

QUESTION 94
Which term describes reasonable effort that must be made to obtain relevant information to facilitate appropriate courses of action?
A. Due diligence
B. Ethical behavior
C. Decision making
D. Data mining
Correct Answer: A

QUESTION 95
Where does routing occur within the DoD TCP/IP reference model?
A. Application
B. Internet
C. Network
D. Transport
Correct Answer: B

QUESTION 96
Which NTP command configures the local device as an NTP reference clock source?
A. ntp peer
B. ntp broadcast
C. ntp master
D. ntp server
Correct Answer: C
QUESTION 97
Which definition of Common Event Format in terms of a security information and event management solution is true?
A. Type of event log used to identify a successful user login.
B. TCP network media protocol.
C. Event log analysis certificate that stands for certified event forensics.
D. A standard log event format that is used for log collection.
Correct Answer: D

QUESTION 98
Which definition of a Linux daemon is true?
A. Process that is causing harm to the system by either using up system resources or causing a critical crash.
B. Long-running process that is the child of the init process.
C. Process that has no parent process.
D. Process that is starved at the CPU.
Correct Answer: B

QUESTION 99
According to the Common Vulnerability Scoring System, which term is associated with scoring multiple vulnerabilities that are exploited in the course of a single attack?
A. Chained score
B. Risk analysis
C. Vulnerability chaining
D. Confidentiality
Correct Answer: C

QUESTION 100
The FMC can share HTML, PDF and CSV data types that relate to a specific event type. Which event type?
A. Connection
B. Host
C. NetFlow
D. Intrusion
Correct Answer: D

QUESTION 101
Which three statements about host-based IPS are true? (Choose three.)
A. It can view encrypted files.
B. It can have more restrictive policies than network-based IPS.
C. It can generate alerts based on behavior at the desktop level.
D. It can be deployed at the perimeter.
E. It uses signature-based policies.
F. It works with deployed firewalls.
Correct Answer: ABC

QUESTION 102
Which three options are types of Layer 2 network attack? (Choose three.)
A. ARP attacks
B. Brute force attacks
C. Spoofing attacks
D. DDoS attacks
E. VLAN hopping
F. Botnet attacks
Correct Answer: ACE

QUESTION 103
What are two features of NGFW?
A. Data mining
B. Host-based AV
C. Application visibility and control
D. SIEM
E. IDS
Correct Answer: CE

QUESTION 104
How does NTP help with monitoring?
  • Spring '18
  • Correct Answer, IP address, Transmission Control Protocol, Denial-of-service attack
