ccna security 210 260? Tips for success


The article at Testaimer.com going over http://www.testaimer.com/210-260-test is very comprehensive.

Q1. Scenario 

In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN configurations. 

To access ASDM, click the ASA icon in the topology diagram. 

Note: Not all ASDM functionalities are enabled in this simulation. 

To see all the menu options available on the left navigation pane, you may also need to un-expand the expanded menu first. 

When users login to the Clientless SSLVPN using https://209.165.201.2/test, which group policy will be applied? 

A. test 

B. clientless 

C. Sales 

D. DfltGrpPolicy 

E. DefaultRAGroup 

F. DefaultWEBVPNGroup 

Answer:

Explanation: First navigate to the Connection Profiles tab as shown below, highlight the one with the test alias: 

Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.45.23 AM.png 

Then hit the “edit” button and you can clearly see the Sales Group Policy being applied. 

Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.44.53 AM.png 


Q2. Refer to the exhibit. 

If a supplicant supplies incorrect credentials for all authentication methods configured on the switch, how will the switch respond? 

A. The supplicant will fail to advance beyond the webauth method. 

B. The switch will cycle through the configured authentication methods indefinitely. 

C. The authentication attempt will time out and the switch will place the port into the unauthorized state. 

D. The authentication attempt will time out and the switch will place the port into VLAN 101. 

Answer:


Q3. You want to allow all of your company's users to access the Internet without allowing other Web servers to collect the IP addresses of individual users. What two solutions can you use? (Choose two). 

A. Configure a proxy server to hide users' local IP addresses. 

B. Assign unique IP addresses to all users. 

C. Assign the same IP address to all users. 

D. Install a Web content filter to hide users' local IP addresses. 

E. Configure a firewall to use Port Address Translation. 

Answer: A,E 


Q4. What type of algorithm uses the same key to encrypt and decrypt data? Cisco 210-260 : Practice Test 

A. a symmetric algorithm 

B. an asymmetric algorithm 

C. a Public Key Infrastructure algorithm 

D. an IP security algorithm 

Answer:


Q5. Refer to the exhibit. 

What is the effect of the given command sequence? 

A. It configures IKE Phase 1. 

B. It configures a site-to-site VPN tunnel. 

C. It configures a crypto policy with a key size of 14400. 

D. It configures IPSec Phase 2. 

Answer:


Q6. Which three ESP fields can be encrypted during transmission? (Choose three.) 

A. Security Parameter Index 

B. Sequence Number 

C. MAC Address 

D. Padding 

E. Pad Length 

F. Next Header 

Answer: D,E,F 


Q7. A specific URL has been identified as containing malware. What action can you take to block users from accidentally visiting the URL and becoming infected with malware. 

A. Enable URL filtering on the perimeter router and add the URLs you want to block to the router's local URL list. 

B. Enable URL filtering on the perimeter firewall and add the URLs you want to allow to the router's local URL list. 

C. Enable URL filtering on the perimeter router and add the URLs you want to allow to the firewall's local URL list. 

D. Create a blacklist that contains the URL you want to block and activate the blacklist on the perimeter router. 

E. Create a whitelist that contains the URLs you want to allow and activate the whitelist on the perimeter router. 

Answer:


Q8. Refer to the exhibit. 

How many times was a read-only string used to attempt a write operation? 

A. 9 

B. 6 

C. 4 

D. 3 

E. 2 

Answer:


Q9. Which statement about communication over failover interfaces is true? 

A. All information that is sent over the failover and stateful failover interfaces is sent as clear text by default. 

B. All information that is sent over the failover interface is sent as clear text, but the stateful failover link is encrypted by default. 

C. All information that is sent over the failover and stateful failover interfaces is encrypted by default. 

D. User names, passwords, and preshared keys are encrypted by default when they are sent over the failover and stateful failover interfaces, but other information is sent as clear text. 

Answer:


Q10. Which statement about a PVLAN isolated port configured on a switch is true? 

A. The isolated port can communicate only with the promiscuous port. 

B. The isolated port can communicate with other isolated ports and the promiscuous port. 

C. The isolated port can communicate only with community ports. 

D. The isolated port can communicate only with other isolated ports. 

Answer: