Shortcuts To 210-260(31 to 40)

Exam Code: 210-260 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing Cisco Network Security
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 210-260 Exam.


The article at Testaimer.com going over http://www.testaimer.com/210-260-test is very comprehensive.

2017 Mar 210-260 vce

Q31. How does the Cisco ASA use Active Directory to authorize VPN users? 

A. It queries the Active Directory server for a specific attribute for the specified user. 

B. It sends the username and password to retrieve an ACCEPT or REJECT message from the Active Directory server. 

C. It downloads and stores the Active Directory database to query for future authorization requests. 

D. It redirects requests to the Active Directory server defined for the VPN group. 

Answer:


Q32. What command can you use to verify the binding table status? 

A. show ip dhcp snooping database 

B. show ip dhcp snooping binding 

C. show ip dhcp snooping statistics 

D. show ip dhcp pool 

E. show ip dhcp source binding 

F. show ip dhcp snooping 

Answer:


Q33. What is the effect of the send-lifetime local 23:59:00 31 December 31 2013 infinite command? 

A. It configures the device to begin transmitting the authentication key to other devices at 00:00:00 local time on January 1, 2014 and continue using the key indefinitely. 

B. It configures the device to begin transmitting the authentication key to other devices at 23:59:00 local time on December 31, 2013 and continue using the key indefinitely. 

C. It configures the device to begin accepting the authentication key from other devices immediately and stop accepting the key at 23:59:00 local time on December 31, 2013. 

D. It configures the device to generate a new authentication key and transmit it to other devices at 23:59:00 local time on December 31, 2013. 

E. It configures the device to begin accepting the authentication key from other devices at 23:59:00 local time on December 31, 2013 and continue accepting the key indefinitely. 

F. It configures the device to begin accepting the authentication key from other devices at 00:00:00 local time on January 1, 2014 and continue accepting the key indefinitely. 

Answer:


Q34. Which three statements about host-based IPS are true? (Choose three.) 

A. It can view encrypted files. 

B. It can have more restrictive policies than network-based IPS. 

C. It can generate alerts based on behavior at the desktop level. 

D. It can be deployed at the perimeter. 

E. It uses signature-based policies. 

F. It works with deployed firewalls. 

Answer: A,B,C 


Q35. What is a reason for an organization to deploy a personal firewall? 

A. To protect endpoints such as desktops from malicious activity. 

B. To protect one virtual network segment from another. 

C. To determine whether a host meets minimum security posture requirements. 

D. To create a separate, non-persistent virtual environment that can be destroyed after a session. 

E. To protect the network from DoS and syn-flood attacks. 

Answer:


Refresh 210-260 free download:

Q36. Which statement about personal firewalls is true? 

A. They can protect a system by denying probing requests. 

B. They are resilient against kernel attacks. 

C. They can protect email messages and private documents in a similar way to a VPN. 

D. They can protect the network against attacks. 

Answer:


Q37. An attacker installs a rogue switch that sends superior BPDUs on your network. What is a possible result of this activity? 

A. The switch could offer fake DHCP addresses. 

B. The switch could become the root bridge. 

C. The switch could be allowed to join the VTP domain. 

D. The switch could become a transparent bridge. 

Answer:


Q38. Which FirePOWER preprocessor engine is used to prevent SYN attacks? 

A. Rate-Based Prevention 

B. Portscan Detection 

C. IP Defragmentation 

D. Inline Normalization 

Answer:


Q39. What is the FirePOWER impact flag used for? Cisco 210-260 : Practice Test 

A. A value that indicates the potential severity of an attack. 

B. A value that the administrator assigns to each signature. 

C. A value that sets the priority of a signature. 

D. A value that measures the application awareness. 

Answer:


Q40. Scenario 

In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN configurations. 

To access ASDM, click the ASA icon in the topology diagram. 

Note: Not all ASDM functionalities are enabled in this simulation. 

To see all the menu options available on the left navigation pane, you may also need to un-expand the expanded menu first. 

Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test? 

A. AAA with LOCAL database 

B. AAA with RADIUS server 

C. Certificate 

D. Both Certificate and AAA with LOCAL database 

E. Both Certificate and AAA with RADIUS server 

Cisco 210-260 : Practice Test 

Answer:

Explanation: 

This can be seen from the Connection Profiles Tab of the Remote Access VPN configuration, where the alias of test is being used, 

Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.16.10 AM.png