November 2019 Braindump2go 210-250 exam questions. Following are some new 210-250 exam questions:
How does DNS security combat CnC callbacks?
A. By filtering DNS requests, it blocks all requested zone transfers.
B. By changing the DNS MX field, CnC systems cannot be reached on the outbound connection.
C. By implementing DNS security measures, CnC callbacks over any ports and protocols are blocked when the DNS queries to any bad or malicious domains are prevented.
D. Using OpenDNS servers, such as Google OpenDNS (184.108.40.206), DNS requests are filtered based on the IP reputation tables that are maintained.
E. By configuring clients to use cloud-based DNS services, CnC callbacks are originated only in the cloud.
The Cisco OpenDNS dashboard page provides useful and important security information for security analysts. In which section of the dashboard are threats of malware or botnets displayed?
A. activity volume
B. message center
C. top identities
D. top domains
Which statement best describes how a network-based malware protection feature detects a possible event?
A. Using virus signature files locally on the firewall, it will detect incorrect MD5 file hashes.
B. The firewall applies broad-based application and file control policies to detect malware.
C. Malware can be detected correctly by using reputation databases on both the firewall and/or from the cloud.
D. IDS signature files that are located on the firewall are used to detect the presence of malware.
E. Malware can be detected and stopped by using ACLs and the modular policy framework within the firewall appliance.
What three elements can be configured in firewall policies to detect network-based malware? (Choose three.)
A. commonly used rainbow hash tables
B. commonly used protocols
C. SHA-256 hashes
D. metadata that is stored within the files
E. access control lists (ACLs)
Which one of the following best describes an NGFW versus a standard firewall?
A. NGFWs perform various security functions, such as generating different types of logs and alerts related to suspicious activities, to protect the network from advanced attacks.
B. Standard firewalls are more secure, due to the ease of installation and deployment, and are capable of preventing all malicious activities from penetrating the network.
C. NGFWs contain the appropriate features to detect malware and detonate unknown files in a secure hard drive partition on the firewall appliance, saving the analyst time and additional equipment requirements.
D. NGFWs and standard firewalls are functionally the same. The key difference is that standard firewalls provide granular application visibility and control.
E. Standard firewalls support malware protection only.
Which statement best describes the difference between security intelligence and typical firewall ACLs in preventing malicious traffic?
A. Security intelligence uses a dictionary list of keywords, which, if detected in the data payload, will trigger a security event.
B. Using intelligence feeds that provide IP addresses with known bad reputations, malicious activity is blocked before any other policy-based inspection, analysis, or traffic handling is performed.
C. ACLs provide a more granular ability to control known bad IP addresses that have a poor reputation. Security intelligence feeds are broader in scope.
D. Security intelligence feeds can be used to detect security issues in improperly configured ACLs.
E. ACLs provide superior reflexive ACL entries, based on the known IP address that has a poor reputation, which will automatically be installed in the inspection engine of NGFWs.
Which three primary items are tracked by a security intelligence feed? (Choose three.)
A. known attackers
B. misconfigured ACLs
C. open relays
D. IP address with good reputation
E. IP address with poor reputation
Of the two types of attacks that analysts investigate, established attacks can be detected by which three methods? (Choose three.)
A. well-defined ACLs that are applied at the firewall
B. a decent set of IPS signatures applied
C. updated anti-virus signatures
D. updated firmware on network devices
E. updated IP/domain blacklists
Which statement best describes how Cisco CTA identifies security breaches?
A. Cisco CTA uses geo-location database signatures to geo-locate attackers, which provide forensic data points.
B. Breaches are identified by scanning SSL/TLS based payloads, decrypting the packet for deep packet analysis.
C. Cisco CTA leverages network traffic behaviors, machine learning, and anomaly detection to detect security breaches.
D. Cisco CTA performs detailed analytics based on provided SYSLOG and NetFlow v5 data elements.
E. Cisco CTA detects data breaches by decoding ESP security payloads and comparing them to known signatures from security intelligence feeds that are provided by the Talos Intelligence Group.
What is a key reason that enterprises are reluctant to move to cloud-based security services?
A. Cloud-based services are not stable, and do not provide high-availability features.
B. Data within the cloud is not natively secure, and customer data breaches are a major concern to enterprises.
C. Cloud-based deployments are significantly more complex to deploy and administer.
D. Enterprises do not trust cloud-based services because of inaccurate X.509 certificates.
E. Cloud-based services do not support NGFW encryption technologies.
What are two benefits of cloud-based security services? (Choose two.)
A. The cloud promotes greater optimization and utilization of assets to achieve significant cost reduction.
B. The cloud provides flexibility in the way that enterprise organizations source, deliver, and consume security services.
C. Cloud providers automatically deploy advanced threat analytics to secure confidential customer data, such as customer information.
D. With cloud-based security services, enterprise organizations can remove complex layers of on-premise security policies and procedures.
E. Migration of security services between cloud providers is easier to achieve.