Download CCNA Cyber Ops Understanding Cisco Cybersecurity Fundamentals.Braindumps.210-250.2019-07-10.1e.25q.vcex

Download Exam

File Info

Exam CCNA Cyber Ops Understanding Cisco Cybersecurity Fundamentals
Number 210-250
File Name CCNA Cyber Ops Understanding Cisco Cybersecurity Fundamentals.Braindumps.210-250.2019-07-10.1e.25q.vcex
Size 70 Kb
Posted July 10, 2019
Downloads 31
Download CCNA Cyber Ops Understanding Cisco Cybersecurity Fundamentals.Braindumps.210-250.2019-07-10.1e.25q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%



 
 



Demo Questions

Question 1

A host is sending a ping packet to another host in the same subnet. For which IP address does the sending host perform an ARP broadcast to resolve? 

  • A: its own IP address
  • B: the IP address of the router
  • C: the IP address of the DNS server
  • D: the IP address of the destination host

Correct Answer: D

All communication within a subnet is based on MAC addresses. When the destination is in the same subnet, the source device performs an ARP broadcast to learn the MAC address of the destination host. 
The Address Resolution Protocol (ARP) is used in TCP/IP to resolve media access control (MAC) addresses to IP addresses. Mac addresses are configured on each NIC on an Ethernet network so that the nodes can be identified on the network. ARP enables the MAC addressing that Ethernet requires to interoperate with the IP addressing that TCP/IP requires. You can use the arp utility to view and manage the ARP cache on a computer. To use the arp utility, you can issue the arp command with various switches at a command prompt. The source device will perform an ARP broadcast to learn the mac address of the router in cases were the destination is in another subnet. Then the router will take over from there. 
The source device will never perform an ARP broadcast to learn its own MAC address. 
The only time a source device will perform an ARP broadcast to learn the MAC address of the DNS server is when communication is being done by name and not IP address. 
Objective: Network Concepts
Sub-Objective: Describe IP subnets and communication within an IP subnet and between IP subnets
Reference: https://www.dummies.com/programming/networking/cisco/network-basics-local-host-arp-requests/ 




Question 2

At which layer does switching occur in the Cisco modified TCP/IP model?

  • A: Internet
  • B: Transport
  • C: Data Link
  • D: Physical

Correct Answer: C

Switches make switching decisions based on MAC addresses. Because MAC address reside in the Data Link layer of the TCP/IP or DoD model, this is the layer where switching occurs. A switch is a high-speed networking device that receives incoming data packets from one of its ports and directs them to a destination port for local area network access. A switch will redirect traffic bound outside the local area to a router for forward through an appropriate WAN interface. 
The modified TCP/IP model is a model by Cisco that departs from the DoD model by breaking the bottom layer, the Link layer, into two layers called the Data Link and the Physical layer. 
Other versions of the model refer to the Link as the Network Interface layer. 
The layers in ascending order are:

  

Switches do not operate on the Internet layer. Routers are an example of devices that operate on this layer, which is where IP addresses are located. A router is a device that examines the contents of data packets transmitted within or across networks. Routers determine if a source and destination are on the same network, or whether data mist be transferred from one network to another, either between locally available network segments, or across a wide-area link to access other, more distant networks. 
Switches do not operate on the Transport layer. This is the layer where port numbers are added to the packet. 
Switches do not operate on the Physical layer. This is the layer where the information is transmitted as ones and zeros using the underlying technology of the medium. 
The Application layer of the TCP/IP model corresponds to the Application, Presentation, and Session layers of the OSI model. 
The Transport layer of the TCP/IP model correspond to the Transport layer of the OSI model. 
The Internet layer of the TCP/IP model correspond to the Network layer of the OSI model. Internet protocol (IP), address resolution protocol (ARP), and Internet control message protocol (ICMP) operate at the Internet layer. 
The Link layer of the TCP/IP model corresponds to the Data Link and Physical layers of the OSI model. 
Objective: Network Concepts
Sub-Objective: Describe the function of the network models
Reference: https://converse.org.ua/kak-otliit%27-original%27nye-konversy-ot-poddelki 




Question 3

Which of the following is used to prevent malicious software systems?

  • A: HIDS
  • B: HIPS
  • C: network AV
  • D: host AV

Correct Answer: C

To protect multiple devices from malware, network antivirus (AV) should be used. These tools can protect an entire network of devices. 
A host antivirus (AV) can only protect the device on which it is installed. 
A host intrusion prevention system (HIPS) can prevent multiple attack types, but it can only protect the device on which it is installed. 
A host intrusion detection system (HIPS) can detect multiple attack types, but it can only detect attacks against the device on which it is installed. 
Intrusion prevention systems (IPS) and intrusion detection systems (IDS) work together to complement each other. IPS systems can block activities on certain Web sites. Users may be allowed to access the sites but may be prevented from accessing certain features within the site. In other cases, the entire site may be blocked, depending on the security requirements for the organization. 
Objective: Security Concepts
Sub-Objective: Compare and contrast these terms: Network and host antivirus, Agentless and agent-based protections, SIEM and log collection
References: https://www.techrepublic.com/article/pick-an-anti-virus-solution-that-will-grow-with-your-network/




Question 4

What terms represents the leveraging of a security weakness present in a system?

  • A: breach
  • B: threat
  • C: vulnerability
  • D: exploit 

Correct Answer: D

When a security weakness or vulnerability exists in a system and threat actor takes advantage of it, the attack is considered an exploit. 
A vulnerability is a susceptibility to a threat that exists in a system. An example of a vulnerability is keeping ports open for nonessential services. 
A threat is an external danger to which a system may or may not be vulnerable. It is a potential danger that could take advantage of a system if it is vulnerable. A hacker is a threat actor. An attacker picking the lock of the back entrance to a facility is an example of a threat, not a vulnerability. 
A breach is when an exploit is successful in providing unauthorized access to data. 
Objective: Security Concepts
Sub-Objective: Compare and contrast these concepts: Risk, Threat, Vulnerability, Exploit
Reference: https://www.threatanalysis.com/2010/05/03/threat-vulnerability-risk-commonly-mixed-up-terms/




Question 5

Which of the following uses port 443?

  • A: DNS
  • B: SSH
  • C: SSL
  • D: Telnet
  • E: HTTP

Correct Answer: C

Secure Sockets Layer (SSL) is a security protocol that uses both encryption and authentication to protect data sent in network communications. SSL and HTTPS use port 443. 
Port number 22 is reserved for Secure Shell (SSH) remote login. 
Telnet uses port 23. Telnet is a terminal emulation protocol. You can use Telnet to establish a remote session with a server and to issue commands on a server. 
Telnet client software provides you with a text-based interface and a command line from which you can issue commands on a server that supports the Telnet protocol. Telnet works at the Application layer of the OSI model. 
HTTP uses port 80. HTTP is used to traverse web pages. 
DNS uses port 53. Domain Name System (DNS) is the protocol that will manage the FQDN to IP address mappings. 
There are a total of 65,535 ports in the TCP/IP protocol that are vulnerable to attacks. The following are the most commonly used ports and protocols:
FTP – ports 20 and 21 
SSH, SCP, and SFTP – port 22 
Telnet – port 23 
SMTP – port 25 
TACACS – port 49 
DNS server – port 53 
DHCP – port 67 and 68 
TFTP – port 69 
HTTP – port 80 
Kerberos – port 88 
POP3 – port 110 
NetBIOS – ports 137-139 
IMAP4 – port 143 
SNMP – port 161 
DAP – port 389 
SSL and HTTPS – port 443 
SMB – port 445 
LDAP with SSL – port 636 
FTPs – ports 989, 990 
Microsoft SQL Server – port 1433 
Point-to-Point Tunneling Protocol (PPTP) – port 1723 
RDP protocol and terminal Services – port 3389 
Objective: Cryptography
Sub-Objective: Describe the security impact of these commonly used encryption algorithms and secure communications protocols: DES, 3DES, AES, AES256-CTR, RSA, DSA, SSH, SSL/TLS 
Reference: http://info.ssl.com/article.aspx?id=10241




Question 6

What is the process of scoring risks by their likelihood and their impact?

  • A: quantitative risk analysis 
  • B: qualitative risk analysis
  • C: business impact analysis
  • D: disaster recovery

Correct Answer: B

When scoring is used to rate risks by likelihood and impact, it is called qualitative risk analysis. Qualitative risk analysis does not assign monetary values. It is simply a subjective report that is compiled by the risk analysis team that describes the threats, countermeasures, and likelihood an event will occur. 
Quantitative risk analysis attempts to attach dollar figures to potential risk outcomes. Quantitative risk analysis attempts to predict the likelihood a threat will occur and assigns a monetary value in the event a loss occurs. The likelihood of risk occurrence is usually based ob subject matter expert opinion and rankings from statistical data. 
A business impact analysis (BIA) focuses on critical business systems and the impact if they are lost to an outage. A BIA is created to identify the company’s vital functions and prioritize them based on need. It identifies vulnerabilities and threats and calculates the associated risks. 
A disaster recovery plan is a short term plan that is implemented when a large disaster event occurs. The plan is created to ensure that your company can resume operations in a timely manner. It mainly focuses on alternative procedures for processing transactions in the short term. It is carried out when the emergency occurs and immediately following the emergency. 
Objective: Security Concepts
Sub-Objective: Describe these security terms: Principle of least privilege, Risk scoring/risk weighting, Risk reduction, Risk assessment
Reference: https://www.pmi.org/learning/library/qualitative-risk-assessment-cheaper-faster-3188




Question 7

Which of the following is not a hashing algorithm?

  • A: DES
  • B: MD5
  • C: SHA-1
  • D: SHA-3

Correct Answer: A

Digital encryption standard (DES) is an encryption algorithm, not a hashing algorithm. DES is a private key encryption standard that is used in IPSec to ensure that data packets are confidentially transmitted. 
MD5 is a one-way hashing algorithm. One-way hashing inserts a string of variable length into a hashing algorithm and produces a hash value of fixed length. This hash is appended to the end of the message being sent. The receiver recomputes the hash by using the same computational logic. If the recomputed hash value is the same as the generated hash value, the message was not altered during the course of transmission. 
Secure Hashing Algorithm 1 (SHA 1) is the first and least secure version of SHA. 
Secure Hashing Algorithm 3 (SHA 3) is the first and least secure version of SHA. 
Objective: Cryptography
Sub-Objective: Describe the security impact of these commonly used hash algorithms: MD5, SHA-1, SHA-256, SHA-512
Reference: https://www.nist.gov/news-events/news/2015/08/nist-releases-sha-3-cryptographic-hash-standard




Question 8

Which of the following is the most widely used public key cipher?

  • A: 3DES
  • B: EI Gamal
  • C: RSA
  • D: AES

Correct Answer: C

Rivest, Shamir, Adleman (RSA) is the most widely used public key or asymmetric cipher. RSA supports encryption and decryption and secures data with an algorithm that is based on the difficulty of factoring large numbers. 
A public key encryption algorithm is sometimes referred to as an asymmetric encryption algorithm. With asymmetric encryption, the public key is shared and used to encrypt information, and the private key is secret and used to decrypt data that was encrypted with the matching public key. Using RSA, messages travelling between two points are encrypted and authenticated. RSA tokens are used to provide a rolling password for one-time use. 
Triple DES or 3DES is a symmetric algorithm, which means the key used to encrypt is identical to the key used to decrypt. Triple DES is a later version of Data Encryption Standard (DES) that performs three rounds of encryption. The encryption and decryption process performed by 3ES takes longer due to the higher processing power required. 
While EI Gamal is a public key or asymmetric cipher, it is not the most widely used. 
AES is a symmetric algorithm that is currently the best encryption algorithm available commercially. 
Advanced Encryption Algorithm that is currently the best encryption algorithm available commercially. The Advanced Encryption Standard (AES) uses 128-bit, 192-bit, and 256-bit encryption keys. 
Objective: Cryptography
Sub-objective: Describe the security impact of these commonly used encryption algorithms and secure communications protocols: DES, 33DES, AES, AES256-CTR, RSA, DSA, SSH, SSL/TLS. 
Reference: https://www.techopedia.com/definition/21852/rsa-encryption




Question 9

Which of the following provides the ability to allow scripting languages to manage Windows computers both locally and remotely?

  • A: STP
  • B: RMI
  • C: EMI
  • D: WMI

Correct Answer: D

Windows Management Instrumentation (WMI) consists of a set of extension that allow access to settings and information through the command line, making the scripting of operations possible. The command-line interface to WMI called Windows Management Instrumentation Command-line (WMI). 
Electromagnetic interference (EMI) is the inference with data traversing cables by strong electromagnetic energy generated by sources such as machinery. The transformers in fluorescent lighting systems are a common cause of network communications problems. If a network cable that is highly susceptible to EMI, such as unshielded-twisted pair (UTP) cable, is placed near lighting transformers, then the magnetic field produced by the transformers can cause network communications problems. You can replace UTP cable that runs near sources of EMI with shielded cable, such as shielded twisted-pair 9STP) cable or coaxial cable. Fiber-optic cable is immune to EMI. 
Radio frequency interference (RFI) occurs near sources of high power radio transmissions. TV stations, radio stations, cellular telephones, and CB radios can be sources of RFI. RFI can cause network communications problems, and intermittent computer problems such as spontaneously rebooting computers and data errors. 
Spanning tree protocol (STP) is a loop avoidance protocol used with switches. Switching loops occur when multiple Layer 2 paths to a network cause to flood broadcasts endlessly. This endless broadcast flood is called a “broadcast storm”, and it causes severe network congestion. STP can be used to prevent these problems on a switched or bridged network.  
Objective: Host-Based Analysis
Sub-Objective: Define terms as they pertain to Microsoft Windows: Processes, Threads, Memory allocation, Windows Registry, WMI, Handles, Services
Reference: https://docs.microsoft.com/en-us/windows/win32/wmisdk/about-wmi




Question 10

What is the function of ARP?

  • A: resolves IP addresses to MAC addresses
  • B: resolves host names to IP addresses
  • C: resolves MAC addresses to IP addresses
  • D: resolves port numbers to IP addresses

Correct Answer: A

Address resolution Protocol (ARP) resolves IP addresses to MAC addresses. It uses a broadcast mechanism to learn the MAC address of a host known only by its address. The media access control (MAC) address uniquely identifies a node on a network segment. ARP tables show the relationship of IP addresses to MAC addresses and are located on most devices. 
There is no mechanism for translating port numbers to IP addresses. The IP address and port number combination of a source or destination is called a socket. 
Domain Name System (DNS) is the service that translates host names to IP addresses. DNS uses UDP when resolution queries are sent to a server by a client, but its uses TCP for zone transfers between DNS servers. According to RFC 1035, UDP is the recommended method for queries. A DNS server provides a centralized database of domain name-to –IP address resolutions on a server that other computers on a network can use for name resolution. 
There is currently no service that resolves MAC addresses to IP addresses. 
Objective: Network Concepts
Sub-Objective: Describe the operation of these network services: ARP, DNS, DHCP
Reference: https://www.lifewire.com/address-resolution-protocol-817941










CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files