Cisco 210-255 - CCNA Cyber Ops Implementing Cisco Cybersecurity Operations Exam
Page: 1 / 36
Total 179 questions
Question #1 (Topic: Single Topic)
Refer to the exhibit. We have performed a malware detection on the Cisco website. Which statement about the result is true?
A. The website has been marked benign on all 68 checks.
B. The threat detection needs to run again.
C. The website has 68 open threats.
D. The website has been marked benign on 0 checks.
Answer: A
Question #2 (Topic: Single Topic)
During which phase of the forensic process is data that is related to a specific event labeled and recorded to preserve its integrity?
A. collection
B. examination
C. reporting
D. investigation
Answer: A
Question #3 (Topic: Single Topic)
Refer to the exhibit. A customer reports that they cannot access your organization's website. Which option is a possible reason that the customer cannot access
the website?
A. The server at 10.33.1.5 is using up too much bandwidth causing a denial-of-service.
B. The server at 10.67.10.5 has a virus.
C. A vulnerability scanner has shown that 10.67.10.5 has been compromised.
D. Web traffic sent from 10.67.10.5 has been identified as malicious by Internet sensors.
Answer: D
Question #4 (Topic: Single Topic)
You see 100 HTTP GET and POST requests for various pages on one of your webservers. The user agent in the requests contain php code that, if executed,
creates and writes to a new php file on the webserver. Which category does this event fall under as defined in the Diamond Model of Intrusion?
creates and writes to a new php file on the webserver. Which category does this event fall under as defined in the Diamond Model of Intrusion?
A. delivery
B. reconnaissance
C. action on objectives
D. installation
E. exploitation
Answer: D
Question #5 (Topic: Single Topic)
Which two options can be used by a threat actor to determine the role of a server? (Choose two.)
A. PCAP
B. tracert
C. running processes
D. hard drive configuration
E. applications
Answer: CE
