Cisco Cyber Security Specialist 600-199 Dumps With VCE and PDF Download (Question 6 – Question 10)

New 600-199 exam questions from PassLeader 600-199 dumps! Welcome to download the newest PassLeader 600-199 VCE and PDF dumps: http://www.passleader.com/600-199.html (60 Q&As)

P.S. Free 600-199 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpR0ozaTdjbGpid28

QUESTION 6
Which event is likely to be a false positive?

A.    Internet Relay Chat signature with an alert context buffer containing #IPS_ROCS Yay
B.    a signature addressing an ActiveX vulnerability alert on a Microsoft developer network documentation page
C.    an alert for a long HTTP request with an alert context buffer containing a large HTTP GET request
D.    BitTorrent activity detected on ephemeral ports

Answer: B

QUESTION 7
Given a Linux machine running only an SSH server, which chain of alarms would be most concerning?

A.    brute force login attempt from outside of the network, followed by an internal network scan
B.    root login attempt followed by brute force login attempt
C.    Microsoft RPC attack against the server
D.    multiple rapid login attempts

Answer: A

QUESTION 8
If a company has a strict policy to limit potential confidential information leakage, which three alerts would be of concern? (Choose three.)

A.    P2P activity detected
B.    Skype activity detected
C.    YouTube viewing activity detected
D.    Pastebin activity detected
E.    Hulu activity detected

Answer: ABD

QUESTION 9
Which event is actionable?

A.    SSH login failed
B.    Telnet login failed
C.    traffic flow started
D.    reverse shell detected

Answer: D

QUESTION 10
Which would be classified as a remote code execution attempt?

A.    OLE stack overflow detected
B.    null login attempt
C.    BitTorrent activity detected
D.    IE ActiveX DoS

Answer: A
