2018 Jan Cisco Official New Released 600-199
Securing Cisco Networks with Threat Detection and Analysis
Question No: 11
Refer to the exhibit.
Which DNS query type pertains to email?
A. A?
B. NS?
C. SOA?
D. PTR?
E. MX?
F. TXT?
Answer: E

Question No: 12
A server administrator tells you that the server network is potentially under attack. Which piece of information is critical to begin your network investigation?
A. cabinet location of the servers
B. administrator password for the servers
C. OS that is used on the servers
D. IP addresses/subnets used for the servers
Answer: D

Question No: 13
Which describes the best method for preserving the chain of evidence?
A. Shut down the machine that is infected, remove the hard drive, and contact the local authorities.
B. Back up the hard drive, use antivirus software to clean the infected machine, and contact the local authorities.
C. Identify the infected machine, disconnect it from the network, and contact the local authorities.
D. Allow user(s) to perform any business-critical tasks while waiting for local authorities.
Answer: C

Question No: 14
Which will be provided as output when issuing the show processes cpu command on a Cisco IOS router?
A. router configuration
B. CPU utilization of the device
C. memory used by device processes
D. interface processing statistics
Answer: B

Question No: 15
Refer to the exhibit.
Which protocol is used in this network traffic flow?
A. SNMP
B. SSH
C. DNS
D. Telnet
Answer: B

Question No: 16
Which two types of data are relevant to investigating network security issues? (Choose two.)
A. NetFlow
B. device model numbers
C. syslog
D. routing tables
E. private IP addresses
Answer: A,C

Question No: 17
In the context of a network security device like an IPS, which event would qualify as having the highest severity?
A. remote code execution attempt
B. brute force login attempt
C. denial of service attack
D. instant messenger activity
Answer: A

Question No: 18
Which event is likely to be a false positive?
A. Internet Relay Chat signature with an alert context buffer containing #IPS_ROCS Yay
B. a signature addressing an ActiveX vulnerability alerting on a Microsoft developer network documentation page
C. an alert for a long HTTP request with an alert context buffer containing a large HTTP GET request
D. BitTorrent activity detected on ephemeral ports
Answer: B

Question No: 19
Given a Linux machine running only an SSH server, which chain of alarms would be most concerning?
A. brute force login attempt from outside of the network, followed by an internal network scan
B. root login attempt followed by brute force login attempt
C. Microsoft RPC attack against the server
D. multiple rapid login attempts
Answer: A

Question No: 20
If a company has a strict policy to limit potential confidential information leakage, which three alerts would be of concern? (Choose three.)
A. P2P activity detected
B. Skype activity detected
C. YouTube viewing activity detected
D. Pastebin activity detected
E. Hulu activity detected
Answer: A,B,D