CCNA Cyber Ops Understanding Cisco Cybersecurity Fundamentals

Here you have the best Cisco 210-250 practice exam questions

  • You have 102 total questions to study from
  • Each page has 5 questions, making a total of 21 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on December 1, 2024
Question 1 of 102

Which definition of a fork in Linux is true?

    Correct Answer: D

    A fork in Linux refers to the system call used to create a new process from an existing parent process. This newly created process is known as the child process, which runs as a separate instance of the program. The other options do not relate to the definition of a fork in Linux: a daemon executes scheduled commands, the parentdirectory name is part of a file path, and macros for manipulating CPU sets are used for CPU affinity, not process creation.

Question 2 of 102

If a web server accepts input from the user and passes it to a bash shell, to which attack method if it vulnerable?

    Correct Answer: C

    If a web server accepts input from the user and passes it to a bash shell, it is vulnerable to command injection. This type of attack occurs when a malicious user sends commands through the input fields, which are then executed by the server's shell, potentially allowing the attacker to execute arbitrary commands, access sensitive data, or take control of the system. Input validation, hash collision, and integer overflow are different vulnerabilities that do not directly pertain to executing shell commands based on user input.

Question 3 of 102

Which security monitoring data type is associated with application server logs?

    Correct Answer: D

    Transaction data is the type of security monitoring data associated with application server logs. Transaction data consists of the messages exchanged during network sessions, which is consistent with the information typically found in application server logs. This includes detailed records of interactions that occur between clients and servers, making it suitable for tracking and analyzing application activity.

Question 4 of 102

Which two terms are types of cross site scripting attacks? (Choose two.)

    Correct Answer: C, D

    The two primary types of cross-site scripting (XSS) attacks are stored and reflected XSS. Stored XSS occurs when malicious scripts are permanently stored on a target server, such as in a database, comment field, or web forum. Reflected XSS happens when a malicious script is reflected off a web server, such as in an error message, search result, or another response that includes some or all of the input sent to the server. Other terms provided, such as 'directed', 'encoded', and 'cascaded' are not recognized types of XSS attacks.

Question 5 of 102

Which tool is commonly used by threat actors on a webpage to take advantage of the software vulnerabilities of a system to spread malware?

    Correct Answer: A

    An exploit kit is a type of toolkit used by cybercriminals to exploit security holes in software applications, typically by hosting the kit on malicious websites or by injecting it into compromised, otherwise legitimate websites. When users visit these websites, the exploit kit automatically scans for software vulnerabilities and attempts to exploit them to deliver malicious payloads, such as malware. This makes exploit kits the correct answer for a tool used by threat actors on a webpage to exploit software vulnerabilities and spread malware.