Home Hot Certifications View All Exams Library FAQ About Us

Ready to Pass Your Certification Test

Ready to guarantee a pass on the certification that will elevate your career? Visit this page to explore our catalog and get the questions and answers you need to ace the test.

cisco 210_255

Custom view settings

Exam contains 162 questions

Page 7 of 27

Question 37 🔥

Which option filters a LibPCAP capture that used a host as a gateway?

Which database solution meets these requirements?

A. [tcp|udp] [src|dst] port <port>

Highly voted

B. [src|dst] net <net> [{mask <mask>}|{len <len>}]

Highly voted

C. ether [src|dst] host <ehost>

Highly voted

D. gateway host <host>

Highly voted

Discussion of the question

Question 38 🔥

Which identifies both the source and destination location?

Which database solution meets these requirements?

A. IP address

Highly voted

B. URL

Highly voted

C. ports

Highly voted

D. MAC address

Highly voted

Discussion of the question

Question 39 🔥

Which description of a retrospective malware detection is true?

Which database solution meets these requirements?

A. You use Wireshark to identify the malware source.

Highly voted

B. You use historical information from one or more sources to identify the affected host or file.

Highly voted

C. You use information from a network analyzer to identify the malware source.

Highly voted

D. You use Wireshark to identify the affected host or file.

Highly voted

Discussion of the question

Question 40 🔥

A user on your network receives an email in their mailbox that contains a malicious attachment. There is no indication that the file was run. Which category as defined in the Diamond Model of Intrusion does this activity fall under?

Which database solution meets these requirements?

A. reconnaissance

Highly voted

B. weaponization

Highly voted

C. delivery

Highly voted

D. installation

Highly voted

Discussion of the question

Question 41 🔥

An organization has recently adjusted its security stance in response to online threats made by a known hacktivist group. Which term defines the initial event in the NIST SP800-61 r2?

Which database solution meets these requirements?

A. instigator

Highly voted

B. precursor

Highly voted

C. online assault

Highly voted

D. trigger

Highly voted

Discussion of the question

Question 42 🔥

Refer to the exhibit. We have performed a malware detection on the Cisco website. Which statement about the result is true?

Which database solution meets these requirements?

A. The website has been marked benign on all 68 checks.

Highly voted

B. The threat detection needs to run again.

Highly voted

C. The website has 68 open threats.

Highly voted

D. The website has been marked benign on 0 checks.

Highly voted

Discussion of the question

Prev page Next page→

Lorem ipsum dolor sit amet consectetur. Eget sed turpis aenean sit aenean. Integer at nam ullamcorper a.

Ready to Pass Your Certification Test

cisco 210_255

Exam contains 162 questions

Lorem ipsum dolor sit amet consectetur. Eget sed turpis aenean sit aenean. Integer at nam ullamcorper a.

Company

Product

Resources

Follow us