Which browser is used by individuals to maintain anonymity on the Internet and to surf the dark web?
A. OnionBrowser
B. Tor
C. Chrome
D. Firefox
What are some of the characteristics of next-generation firewall and next-generation IPS logging capabilities? (Select all that apply.)
A. With next-generation firewalls, you can only monitor malware activity and not access control policies.
B. With next-generation firewalls, you can monitor events for traffic that does not conform with your access control policies. Access control policies allow you to specify, inspect, and log the traffic that can traverse your network. An access control policy determines how the system handles traffic on your network.
C. Next-generation firewalls and next-generation IPSs help you identify and mitigate the effects of malware. The FMC file control, network file trajectory, and Advanced Malware Protection (AMP) can detect, track, capture, analyze, log, and optionally block the transmission of files, including malware files and nested files inside archive files.
D. AMP is supported by Cisco next-generation firewalls, but not by IPS devices.
Which of the following is a type of vulnerability that describes when a program or software puts more data in a buffer than it can hold or when a program tries to put data in a memory location past a buffer?
A. Buffer deserialization
B. Buffer injection
C. Cross-site buffer injection
D. Buffer overflow
Which definition of a Linux daemon is true?
A. process that has no parent process
B. process that is starved at the CPU
C. process that is causing harm to the system by either using up system resources or causing a critical crash
D. long-running process that is the child of the init process
What are two ways that packet fragmentation can allow an attacker to evade an IPS sensor? (Choose two.)
A. IPS sensors cannot perform fragmentation and reassembly, forcing them to permit fragmented packets through the IPS sensor.
B. IPS sensors that do not reassemble fragmented packets may fail to recognize the payload as an attack.
C. Packet fragments hide the destination address of the payload, preventing the IPS from learning the hosts being attacked.
D. IPS sensors may interpret fragments differently than end hosts, allowing attacks through the sensor.
E. Setting the DNF-bit can force the IPS sensor to permit packets sent to it as a sequence of fragments, because the IPS sees them as error frames.
You get an alert on your desktop computer showing that an attack was successful on the host, but upon investigation you see that occurred during the attack. Which reason is true?
A. The computer has HIDS installed on it
B. The computer has NIDS installed on it
C. The computer has HIPS installed on it
D. The computer has NIPS installed on it
By default, what level of authority does the root user have?
A. none
B. regular user level
C. domain administrator
D. super-user privileges
Choose the most difficult stage of an endpoint attack.
A. acquiring access to an endpoint inside the network
B. propagating a botnet once you have access to the systems
C. acquiring a list of ports open on a targeted computer
D. delivering a phishing email to employees
What two types of attacks are examples of ICMP DoS attacks? (Choose two.)
A. smurf attack
B. blooming onion attack
C. ping of death attack
D. DHCP depletion attack
Which one of the following protocols is susceptible to a SYN flood attack?
A. UDP
B. ARP
C. TCP
D. ICMP