New 210-255 exam questions from PassLeader 210-255 dumps! Welcome to download the newest PassLeader 210-255 VCE and PDF dumps: https://www.passleader.com/210-255.html (202 Q&As)
P.S. New 210-255 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpNjM1MWNkbHM5OW8
NEW QUESTION 172
Which regex matches on all lowercase letters only?
A. [a-z]+
B. a*z+
C. [a-z]+
D. a-z+
Answer: C
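An added Python example (not part of the PassLeader dump) showing why the bracketed class `[a-z]+` is the lowercase-letter pattern and the caveat an analyst writing detection rules needs: used unanchored, `[a-z]+` matches any run of lowercase letters inside a string, so a whole-string "only lowercase" check needs `fullmatch` (or `^...$` anchors), and the class is ASCII-only, so accented lowercase letters fail it even though `str.islower()` accepts them. The distractors `a*z+` and `a-z+` are compiled exactly as written on the page to show what they actually match; all sample strings are constructed.

```python
import re

# Option C from the question: one or more ASCII lowercase letters.
LOWERCASE_RUN = re.compile(r"[a-z]+")

# The distractors, compiled as written so their behaviour can be compared.
DISTRACTORS = {
    "a*z+": re.compile(r"a*z+"),  # zero or more 'a' followed by one or more 'z'
    "a-z+": re.compile(r"a-z+"),  # literal 'a', literal '-', one or more 'z' (no brackets, so no range)
}


def contains_lowercase_run(s: str) -> bool:
    """Unanchored search: True if s contains at least one ASCII lowercase letter anywhere."""
    return LOWERCASE_RUN.search(s) is not None


def is_all_lowercase(s: str) -> bool:
    """Whole-string test, equivalent to ^[a-z]+$: True only if every character is a-z."""
    return LOWERCASE_RUN.fullmatch(s) is not None


def lowercase_runs(s: str) -> list:
    """All maximal runs of ASCII lowercase letters, e.g. 'Ab12cd' -> ['b', 'cd']."""
    return LOWERCASE_RUN.findall(s)


def distractor_matches(pattern_name: str, s: str) -> bool:
    """Whole-string test against one of the distractor patterns."""
    return DISTRACTORS[pattern_name].fullmatch(s) is not None


if __name__ == "__main__":
    for sample in ["hello", "Hello", "h3llo", "héllo", "", "aaz", "a-zzz"]:
        print(f"{sample!r:10} run={contains_lowercase_run(sample)!s:5} all={is_all_lowercase(sample)}")
```

Note the Unicode point: "héllo" is rejected by `[a-z]+` but accepted by `"héllo".islower()`, so a rule meant to cover non-ASCII input should use a Unicode-aware class or the `str` method rather than a bare `a-z` range.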
NEW QUESTION 173
Where do you navigate in Wireshark to download files?
A. File > Export Text
B. File > Export Binaries
C. File > Export Files
D. File > Export Objects
Answer: D
NEW QUESTION 174
Which description of deterministic analysis is true?
A. probable proof of a user’s identity
B. lack of proof of a user’s identity
C. definitive proof of a user’s identity
D. false proof of a user’s identity
Answer: C
NEW QUESTION 175
Which incident handling phase contains evidence gathering and handling?
A. containment, eradication, and recovery
B. identification
C. post incident
D. preparation
Answer: A (NIST SP 800-61 covers evidence gathering and handling under the containment, eradication, and recovery phase)
NEW QUESTION 176
Which filter shows only SMTP and ICMP traffic on Wireshark?
A. tcp.eq 25 or icmp
B. tcp.port eq 25 or icmp
C. port eq 25 and icmp
D. tcp.port eq 25 also icmp
Answer: B
NEW QUESTION 177
Which CVSS Attack Vector metric value means that the vulnerable component is not bound to the network stack and the path of the attacker is via read/write/execute capabilities?
A. network
B. physical
C. local
D. adjacent
Answer: C
NEW QUESTION 178
Which concept is used to understand instances of the same cybersecurity event occurring over the course of a few weeks that could be linked together through multiple illustrations and then linked back to the same adversary?
A. threat model
B. intrusion threat intelligence model
C. compliance and Intrusion model
D. diamond model of intrusion
Answer: D
NEW QUESTION 179
How do you verify that one of your hosts is potentially compromised based on their communication destinations?
A. Search the communication destinations of the host in the Talos IP & Domain Reputation Center.
B. Analyze how much traffic the host sent and received from each IP address or domain.
C. See if any Stealthwatch alarms were triggered for the host communicating with internal hosts.
D. Check the Firepower appliance to see if malicious files were downloaded.
Answer: A
NEW QUESTION 180
Which option is missing a malware variety per VERIS enumerations?
A. backdoor, command and control, denial of service attack
B. adware, brute force, client-side attack
C. packet sniffer, password dumper, scan network
D. abuse of functionality, cache poisoning, remote file inclusion
Answer: D
NEW QUESTION 181
Which compliance framework applies to safeguarding a patient prescription list?
A. PCI
B. SOX
C. HIPAA
D. COBIT
Answer: C
NEW QUESTION 182
You have identified a malicious file in a sandbox analysis tool. Which piece of file information from the analysis is needed to search for additional downloads of this file by other hosts?
A. file name
B. file hash value
C. file type
D. file size
Answer: B
NEW QUESTION 183
Which two compliance frameworks require that data be encrypted when it is transmitted over a public network? (Choose two.)
A. PCI
B. GLBA
C. HIPAA
D. SOX
E. COBIT
Answer: AC
NEW QUESTION 184
Which IETF standard technology is useful to detect and analyze a potential security incident by recording session flows that occur between hosts?
A. SFlow
B. NetFlow
C. NFlow
D. IPFIX
Answer: D
NEW QUESTION 185
Which two elements are used for profiling a network? (Choose two.)
A. total throughput
B. session duration
C. running processes
D. OS fingerprint
E. listening ports
Answer: AB (total throughput and session duration are network-profile elements; running processes, OS fingerprint and listening ports belong to a host profile)
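An added Python example, not taken from the dump, serving questions 184 and 185 together: an encoder and decoder for the RFC 7011 IPFIX message format (header, template set, data set), followed by the two network-profile elements from question 185, session duration and total throughput, computed from the decoded flow records. The information element ids come from the IANA IPFIX registry (RFC 7012); the template id 256, observation domain id 1 and every address, port, byte count and timestamp in SAMPLE_FLOWS are constructed values, not captured data.

```python
import ipaddress
import struct

IPFIX_VERSION = 10   # RFC 7011 message header version
TEMPLATE_SET_ID = 2  # reserved set id for template sets; data sets use ids >= 256

# IANA IPFIX information element ids used by the constructed template (RFC 7012 registry).
IE_NAMES = {8: "sourceIPv4Address", 12: "destinationIPv4Address", 7: "sourceTransportPort",
            11: "destinationTransportPort", 4: "protocolIdentifier", 1: "octetDeltaCount",
            152: "flowStartMilliseconds", 153: "flowEndMilliseconds"}
TEMPLATE_FIELDS = [(8, 4), (12, 4), (7, 2), (11, 2), (4, 1), (1, 8), (152, 8), (153, 8)]  # (id, length)

# Constructed sample flows (hypothetical addresses and times), not captured data.
SAMPLE_FLOWS = [
    dict(src="10.0.0.5", dst="10.0.0.25", sport=51234, dport=25, proto=6, octets=4096,
         start=1_700_000_000_000, end=1_700_000_002_000),   # SMTP session, 2 s
    dict(src="10.0.0.5", dst="203.0.113.10", sport=0, dport=0, proto=1, octets=64,
         start=1_700_000_001_000, end=1_700_000_001_500),   # ICMP echo, 0.5 s
    dict(src="10.0.0.7", dst="198.51.100.20", sport=44321, dport=443, proto=6, octets=1_000_000,
         start=1_700_000_000_000, end=1_700_000_010_000),   # HTTPS session, 10 s
]

def build_message(flows, export_time=1_700_000_000, domain_id=1, template_id=256) -> bytes:
    """Encode flows as one IPFIX message: 16-byte header, a template set, then a data set."""
    tmpl = struct.pack("!HH", template_id, len(TEMPLATE_FIELDS))
    tmpl += b"".join(struct.pack("!HH", ie, ln) for ie, ln in TEMPLATE_FIELDS)
    template_set = struct.pack("!HH", TEMPLATE_SET_ID, 4 + len(tmpl)) + tmpl
    data = b""
    for f in flows:
        data += ipaddress.IPv4Address(f["src"]).packed + ipaddress.IPv4Address(f["dst"]).packed
        data += struct.pack("!HHBQQQ", f["sport"], f["dport"], f["proto"], f["octets"], f["start"], f["end"])
    body = template_set + struct.pack("!HH", template_id, 4 + len(data)) + data
    return struct.pack("!HHIII", IPFIX_VERSION, 16 + len(body), export_time, 0, domain_id) + body

def _parse_template_set(body: bytes, templates: dict) -> None:
    pos = 0
    while pos + 4 <= len(body):
        tid, count = struct.unpack("!HH", body[pos:pos + 4])
        if tid == 0:                # zero padding at the end of the set
            break
        pos, fields = pos + 4, []
        for _ in range(count):
            ie, ln = struct.unpack("!HH", body[pos:pos + 4])
            pos += 4
            if ie & 0x8000:         # enterprise-specific element: a 4-byte PEN follows
                ie, pos = (ie & 0x7FFF, struct.unpack("!I", body[pos:pos + 4])[0]), pos + 4
            if ln == 0xFFFF:
                raise ValueError("variable-length elements are not handled here")
            fields.append((ie, ln))
        templates[tid] = fields

def _parse_data_set(body: bytes, fields: list) -> list:
    rec_len, records, pos = sum(ln for _, ln in fields), [], 0
    while pos + rec_len <= len(body):   # a trailing fragment shorter than a record is padding
        rec = {}
        for ie, ln in fields:
            raw, pos = body[pos:pos + ln], pos + ln
            name = IE_NAMES.get(ie, f"ie{ie}")
            rec[name] = str(ipaddress.IPv4Address(raw)) if name.endswith("IPv4Address") else int.from_bytes(raw, "big")
        records.append(rec)
    return records

def parse_ipfix(msg: bytes) -> list:
    """Decode one IPFIX message into flow-record dicts; rejects a bad version, length or set order."""
    version, length, _export_time, _seq, _domain = struct.unpack("!HHIII", msg[:16])
    if version != IPFIX_VERSION:
        raise ValueError(f"not IPFIX (version {version})")
    if length != len(msg):
        raise ValueError("length field disagrees with bytes received (truncated or padded message)")
    templates, records, offset = {}, [], 16
    while offset + 4 <= length:
        set_id, set_len = struct.unpack("!HH", msg[offset:offset + 4])
        if set_len < 4 or offset + set_len > length:
            raise ValueError("bad set length")
        body = msg[offset + 4:offset + set_len]
        if set_id == TEMPLATE_SET_ID:
            _parse_template_set(body, templates)
        elif set_id >= 256:
            if set_id not in templates:
                raise ValueError(f"data set {set_id} arrived before its template")
            records.extend(_parse_data_set(body, templates[set_id]))
        offset += set_len               # set id 3 (options templates) and reserved ids are skipped
    return records

def is_well_formed(msg: bytes) -> bool:
    try:
        parse_ipfix(msg)
        return True
    except (ValueError, struct.error):  # struct.error covers a header shorter than 16 bytes
        return False

def session_durations_ms(records) -> list:
    """Per-flow session duration, one of the network-profile elements in question 185."""
    return [r["flowEndMilliseconds"] - r["flowStartMilliseconds"] for r in records]

def total_throughput_bps(records) -> float:
    """Total throughput in bit/s over the window spanned by the flows (the other element)."""
    start = min(r["flowStartMilliseconds"] for r in records)
    end = max(r["flowEndMilliseconds"] for r in records)
    return sum(r["octetDeltaCount"] for r in records) * 8 * 1000 / (end - start)
```

Running `parse_ipfix(build_message(SAMPLE_FLOWS))` returns three records; the decoder refuses a message whose length field disagrees with the bytes received, and a data set that arrives before its template, which is what a collector sees when UDP export drops the template message. Variable-length and options-template elements are deliberately rejected or skipped so the two failure modes are explicit rather than silently mis-parsed.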
NEW QUESTION 186
What do the Security Intelligence Events within the FMC allow an administrator to do?
A. See if a host is connecting to a known-bad domain.
B. Check for host-to-server traffic within your network.
C. View any malicious files that a host has downloaded.
D. Verify host-to-host traffic within your network.
Answer: A
NEW QUESTION 187
……