It is impossible to pass Cisco 210 260 vce exam without any help in the short term. Come to Testking soon and find the most advanced, correct and guaranteed Cisco ccna security 210 260 vce practice questions. You will get a surprising result by our Abreast of the times Implementing Cisco Network Security practice guides.
Q21. Refer to the exhibit.
How many times was a read-only string used to attempt a write operation?
A. 9
B. 6
C. 4
D. 3
E. 2
Answer: A
Q22. Which statement about a PVLAN isolated port configured on a switch is true?
A. The isolated port can communicate only with the promiscuous port.
B. The isolated port can communicate with other isolated ports and the promiscuous port.
C. The isolated port can communicate only with community ports.
D. The isolated port can communicate only with other isolated ports.
Answer: A
Q23. You want to allow all of your company's users to access the Internet without allowing other Web servers to collect the IP addresses of individual users. What two solutions can you use? (Choose two).
A. Configure a proxy server to hide users' local IP addresses.
B. Assign unique IP addresses to all users.
C. Assign the same IP address to all users.
D. Install a Web content filter to hide users' local IP addresses.
E. Configure a firewall to use Port Address Translation.
Answer: A,E
Q24. Scenario
In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN configurations.
To access ASDM, click the ASA icon in the topology diagram.
Note: Not all ASDM functionalities are enabled in this simulation.
To see all the menu options available on the left navigation pane, you may also need to un-expand the expanded menu first.
Which four tunneling protocols are enabled in the DfltGrpPolicy group policy? (Choose four)
A. Clientless SSL VPN
B. SSL VPN Client
C. PPTP
D. L2TP/IPsec
E. IPsec IKEv1
F. IPsec IKEv2
Cisco 210-260 : Practice Test
Answer: A,D,E,F
Explanation:
By clicking one the Configuration-> Remote Access -> Clientless CCL VPN Access-> Group Policies tab you can view the DfltGrpPolicy protocols as shown below:
Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.00.18 AM.png
Q25. Which statement about communication over failover interfaces is true?
A. All information that is sent over the failover and stateful failover interfaces is sent as clear text by default.
B. All information that is sent over the failover interface is sent as clear text, but the stateful failover link is encrypted by default.
C. All information that is sent over the failover and stateful failover interfaces is encrypted by default.
D. User names, passwords, and preshared keys are encrypted by default when they are sent over the failover and stateful failover interfaces, but other information is sent as clear text.
Answer: A
Q26. Which tool can an attacker use to attempt a DDoS attack?
A. botnet
B. Trojan horse
C. virus
D. adware
Answer: A
Q27. In which two situations should you use out-of-band management? (Choose two.)
A. when a network device fails to forward packets
B. when you require ROMMON access
C. when management applications need concurrent access to the device
D. when you require administrator access from multiple locations
Cisco 210-260 : Practice Test
E. when the control plane fails to respond
Answer: A,B
Q28. In a security context, which action can you take to address compliance?
A. Implement rules to prevent a vulnerability.
B. Correct or counteract a vulnerability.
C. Reduce the severity of a vulnerability.
D. Follow directions from the security appliance manufacturer to remediate a vulnerability.
Answer: A
Q29. What type of security support is provided by the Open Web Application Security Project?
A. Education about common Web site vulnerabilities.
B. A Web site security framework.
C. A security discussion forum for Web site developers.
D. Scoring of common vulnerabilities and exposures.
Answer: A
Q30. An attacker installs a rogue switch that sends superior BPDUs on your network. What is a possible result of this activity?
A. The switch could offer fake DHCP addresses.
B. The switch could become the root bridge.
C. The switch could be allowed to join the VTP domain.
D. The switch could become a transparent bridge.
Answer: B
Q31. What type of packet creates and performs network operations on a network device?
A. control plane packets
B. data plane packets
C. management plane packets
D. services plane packets
Answer: A
Q32. When is the best time to perform an anti-virus signature update?
A. Every time a new update is available.
B. When the local scanner has detected a new virus.
C. When a new virus is discovered in the wild.
D. When the system detects a browser hook.
Answer: A
Q33. What is one requirement for locking a wired or wireless device from ISE? Cisco 210-260 : Practice Test
A. The ISE agent must be installed on the device.
B. The device must be connected to the network when the lock command is executed.
C. The user must approve the locking action.
D. The organization must implement an acceptable use policy allowing device locking.
Answer: A
Q34. Which two statements about Telnet access to the ASA are true? (Choose two).
A. You may VPN to the lowest security interface to telnet to an inside interface.
B. You must configure an AAA server to enable Telnet.
C. You can access all interfaces on an ASA using Telnet.
D. You must use the command virtual telnet to enable Telnet.
E. Best practice is to disable Telnet and use SSH.
Answer: A,E
Q35. What is the purpose of the Integrity component of the CIA triad?
A. to ensure that only authorized parties can modify data
B. to determine whether data is relevant
C. to create a process for accessing data
D. to ensure that only authorized parties can view data
Answer: A
Q36. Which two authentication types does OSPF support? (Choose two.)
A. plaintext
B. MD5
C. HMAC
D. AES 256
E. SHA-1
F. DES
Answer: A,B
Q37. Scenario
In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN configurations.
To access ASDM, click the ASA icon in the topology diagram.
Note: Not all ASDM functionalities are enabled in this simulation.
To see all the menu options available on the left navigation pane, you may also need to un-expand the expanded menu first.
When users login to the Clientless SSLVPN using https://209.165.201.2/test, which group policy will be applied?
A. test
B. clientless
C. Sales
D. DfltGrpPolicy
E. DefaultRAGroup
F. DefaultWEBVPNGroup
Answer: C
Explanation: First navigate to the Connection Profiles tab as shown below, highlight the one with the test alias:
Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.45.23 AM.png
Then hit the “edit” button and you can clearly see the Sales Group Policy being applied.
Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.44.53 AM.png
Q38. Refer to the exhibit.
What is the effect of the given command sequence?
A. It configures IKE Phase 1.
B. It configures a site-to-site VPN tunnel.
C. It configures a crypto policy with a key size of 14400.
D. It configures IPSec Phase 2.
Answer: A
Q39. What is the only permitted operation for processing multicast traffic on zone-based firewalls?
A. Only control plane policing can protect the control plane against multicast traffic.
B. Stateful inspection of multicast traffic is supported only for the self-zone.
C. Stateful inspection for multicast traffic is supported only between the self-zone and the internal zone.
D. Stateful inspection of multicast traffic is supported only for the internal zone.
Answer: A
Q40. What are two default Cisco IOS privilege levels? (Choose two.)
A. 0
B. 1
C. 5
D. 7
E. 10
F. 15
Answer: B,F