Your success in Cisco 600-199 is our sole target and we develop all our 600-199 braindumps in a way that facilitates the attainment of this target. Not only is our 600-199 study material the best you can find, it is also the most detailed and the most updated. 600-199 Practice Exams for Cisco 600-199 are written to the highest standards of technical accuracy.
2026 New 600-199 Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/600-199/
Q1. In the context of a network security device like an IPS, which event would qualify as having the highest severity?
A. remote code execution attempt
B. brute force login attempt
C. denial of service attack
D. instant messenger activity
Answer: A
Q2. As a part of incident response, which action should be performed?
A. watch to see if the incident reoccurs
B. custody of information
C. maintain data security and custody for future forensics use
D. classify the problem
Answer: C
Q3. What is the maximum size of an IP datagram?
A. There is no maximum size.
B. It is limited only by the memory on the host computers at either end of the connection and the intermediate routers.
C. 1024 bytes
D. 65535 bytes
E. 32768 bytes
Answer: D
Q4. Which two statements about the IPv4 TTL field are true? (Choose two.)
A. If the TTL is 0, the datagram is automatically retransmitted.
B. Each router that forwards an IP datagram reduces the TTL value by one.
C. It is used to limit the lifetime of an IP datagram on the Internet.
D. It is used to track IP datagrams on the Internet.
Answer: B, C
Q5. What is the purpose of the TCP SYN flag?
A. to sequence each byte of data in a TCP connection
B. to synchronize the initial sequence number contained in the Sequence Number header field with the other end of the connection
C. to acknowledge outstanding data relative to the byte count contained in the Sequence Number header field
D. to sequence each byte of data in a TCP connection relative to the byte count contained in the Sequence Number header field
Answer: B
Q6. Which four tools are used during an incident to collect data? (Choose four.)
A. Sniffer
B. TCPDump
C. FTK
D. EnCase
E. ABC
F. ASA
G. Microsoft Windows 7
Answer: A, B, C, D
Q7. Which three tools should be used for incident response? (Choose three.)
A. screwdriver
B. sniffer
C. antivirus/anti-malware software
D. video player
E. CPU
F. RAM
Answer: A, B, C
Q8. Which data is the most useful to determine if a network attack was occurring from inbound Internet traffic?
A. syslogs from all core switches
B. NetfFow data from border firewall(s)
C. VPN connection logs
D. DNS request logs
E. Apache server logs
Answer: B
Q9. Given the signature "SQL Table Manipulation Detected", which site may trigger a false positive?
A. a company selling discount dining-room table inserts
B. a large computer hardware company
C. a small networking company
D. a biotech company
Answer: A
Q10. Which network management protocol relies on multiple connections between a managed device and the management station where such connections can be independently initiated by either side?
A. SSH
B. SNMP
C. Telnet
D. NetFlow
Answer: B