600-199 Securing Cisco Networks with Threat Detection and Analysis (Exam 3)

created by Fisher BRink (@fisher) on Feb. 8, 2016
  • Refer to the exhibit. Which protocol is used in this network traffic flow?

  • Which two types of data are relevant to investigating network security issues? (Ch...

  • In the context of a network security device like an IPS, which event would qualify...

  • If a company has a strict policy to limit potential confidential information leaka...

  • Which event is actionable?

  • If an alert that pertains to a remote code execution attempt is seen on your netwo...

  • In the tcpdump output, what is the sequence number that is represented by XXXXX?

  • Refer to the exhibit. Based on the traffic captured in the tcpdump, what is occurring?

  • Which two tools are used to help with traffic identification? (Choose two.)

  • Refer to the exhibit. Based on the tcpdump capture, which three statements are true...

  • What is the maximum size of an IP datagram?

  • The IHL is a 4-bit field containing what measurement?

  • Refer to the exhibit. In the packet captured from tcpdump, which fields match up wi...

  • Which action is recommended to prevent an incident from spreading?

  • What is the most important reason for documenting an incident?

  • In what sequence do the proper eradicate/recovery steps take place? 1) Re-image 2) R...

  • After an attack has occurred, which two options should be collected to help remedi...

  • Which source should be used to recommend preventative measures against security vu...

  • Quiz Info
    Feb. 8, 2016, 3:42 a.m.
    18 questions
    0 completed
    6 views
    0 takers