Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Cisco 210-255 Exam Actual Questions

The questions for 210-255 were last updated on Aug. 30, 2023.
  • Viewing page 1 out of 45 pages.
  • Viewing questions 1-4 out of 185 questions

Topic 1 - Single Topic

Question #1 Topic 1

Refer to the exhibit. We have performed a malware detection on the Cisco website. Which statement about the result is true?

  • A. The website has been marked benign on all 68 checks.
  • B. The threat detection needs to run again.
  • C. The website has 68 open threats.
  • D. The website has been marked benign on 0 checks.
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️

Question #2 Topic 1

During which phase of the forensic process is data that is related to a specific event labeled and recorded to preserve its integrity?

  • A. collection
  • B. examination
  • C. reporting
  • D. investigation
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️
The basic phases of the forensic process are: collection, examination, analysis, and reporting. During collection, data related to a specific event is identified, labeled, recorded, and collected, and its integrity is preserved. In the second phase, examination, forensic tools and techniques appropriate to the types of data that were collected are executed to identify and extract the relevant information from the collected data while protecting its integrity. Examination may use a combination of automated tools and manual processes. The next phase, analysis, involves analyzing the results of the examination to derive useful information that addresses the questions that were the impetus for performing the collection and examination. The final phase involves reporting the results of the analysis, which may include describing the actions performed, determining what other actions need to be performed, and recommending improvements to policies, guidelines, procedures, tools, and other aspects of the forensic process.

Question #3 Topic 1

Refer to the exhibit. A customer reports that they cannot access your organization's website. Which option is a possible reason that the customer cannot access the website?

  • A. The server at is using up too much bandwidth causing a denial-of-service.
  • B. The server at has a virus.
  • C. A vulnerability scanner has shown that has been compromised.
  • D. Web traffic sent from has been identified as malicious by Internet sensors.
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️
Every firewall has its own database where it maintains the website reputation on terms of security, ease of access, performance etc and below certain score
(generally 7 in case of Cisco), firewalls block access to the sites. For example, you can visit www.senderbase.org and enter name of any website and you will see the reputation of that website.

Question #4 Topic 1

You see 100 HTTP GET and POST requests for various pages on one of your webservers. The user agent in the requests contain php code that, if executed, creates and writes to a new php file on the webserver. Which category does this event fall under as defined in the Diamond Model of Intrusion?

  • A. delivery
  • B. reconnaissance
  • C. action on objectives
  • D. installation
  • E. exploitation
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Community vote distribution
A (35%)
C (25%)
B (20%)
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

Loading ...