
210-255 Real Exam Dumps Questions and answers 51-60


Question No.51

Which type of analysis allows you to see how likely an exploit could affect your network?

A. descriptive

B. casual

C. probabilistic

D. inferential

Correct Answer: C

Question No.52

You receive an alert for malicious code that exploits Internet Explorer and runs arbitrary code on the site visitor's machine. The malicious code is on an external site that is being visited by hosts on your network. Which user agent in the HTTP headers in the requests from your internal hosts warrants further investigation?

A. Mozilla/5.0 (compatible, MSIE 10.0, Windows NT 6.2, Trident 6.0)

B. Mozilla/5.0 (X11; Linux i686; rv: 1.9.2.20) Gecko/20110805

C. Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 4O0) Gecko/20100101

D. Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16

Correct Answer: A

Question No.53

Which statement about threat actors is true?

A. They are any company assets that are threatened.

B. They are any assets that are threatened.

C. They are perpetrators of attacks.

D. They are victims of attacks.

Correct Answer: C

Question No.54

What is accomplished in the identification phase of incident handling?

A. determining the responsible user

B. identifying source and destination IP addresses

C. defining the limits of your authority related to a security event

D. determining that a security event has occurred

Correct Answer: D

Question No.55

Refer to the exhibit. Which type of log is this an example of?

[Exhibit image not included]

A. IDS log

B. proxy log

C. NetFlow log

D. syslog

Correct Answer: C

Question No.56

Which option creates a display filter on Wireshark on a host IP address or name?

A. ip.address == <address> or ip.network == <network>

B. [tcp|udp] ip.[src|dst] port <port>

C. ip.addr == <addr> or ip.name == <name>

D. ip.addr == <addr> or ip.host == <host>

Correct Answer: D

Question No.57

During which phase of the forensic process are tools and techniques used to extract the relevant information from the collective data?

A. examination

B. reporting

C. collection

D. investigation

Correct Answer: A

Question No.58

A CMS plugin creates two files that are accessible from the Internet: myplugin.html and exploitable.php. A newly discovered exploit takes advantage of an injection vulnerability in exploitable.php. To exploit the vulnerability, one must send an HTTP POST with specific variables to exploitable.php. You see traffic to your web server that consists of only HTTP GET requests to myplugin.html. Which category best describes this activity?

A. weaponization

B. exploitation

C. installation

D. reconnaissance

Correct Answer: D

Question No.59

Which data element must be protected with regard to PCI?

A. past health condition

B. geographic location

C. full name / full account number

D. recent payment amount

Correct Answer: C

Question No.60

Refer to the exhibit. What can be determined from this ping result?

[Exhibit image not included]

A. The public IP address of cisco.com is 2001:420:1101:1::a.

B. The Cisco.com website is down.

C. The Cisco.com website is responding with an internal IP.

D. The public IP address of cisco.com is an IPv4 address.

Correct Answer: A
