Examples of cisco 210 260

Proper study guides for Most up-to-date Cisco IINS Implementing Cisco Network Security certified begins with Cisco cisco ccna security 210 260 iins preparation products which designed to deliver the Exact cisco ccna security 210 260 questions by making you pass the examcollection 210 260 test at your first time. Try the free ccna security 210 260 pdf demo right now.

P.S. Exact 210-260 faq are available on Google Drive, GET MORE: https://drive.google.com/open?id=1Kl4PFWi2xwwT55i2I8OXlDu8m47EY9P5


New Cisco 210-260 Exam Dumps Collection (Question 10 - Question 19)

Question No: 10

Refer to the exhibit.

While troubleshooting site-to-site VPN, you issued the show crypto ipsec sa command. What does the given output show?

A. IPSec Phase 2 is established between 10.1.1.1 and 10.1.1.5.

B. ISAKMP security associations are established between 10.1.1.5 and 10.1.1.1.

C. IKE version 2 security associations are established between 10.1.1.1 and 10.1.1.5.

D. IPSec Phase 2 is down due to a mismatch between encrypted and decrypted packets.

Answer: A


Question No: 11

Which command do you enter to enable authentication for OSPF on an interface?

A. router(config-if)#ip ospf message-digest-key 1 md5 CISCOPASS

B. router(config-router)#area 0 authentication message-digest

C. router(config-router)#ip ospf authentication-key CISCOPASS

D. router(config-if)#ip ospf authentication message-digest

Answer: D


Question No: 12

Which two NAT types allows only objects or groups to reference an IP address? (choose two)

A. dynamic NAT

B. dynamic PAT

C. static NAT

D. identity NAT

Answer: A,C


Question No: 13

In which type of attack does the attacker attempt to overload the CAM table on a switch so that the switch acts as a hub?

A. MAC spoofing

B. gratuitous ARP

C. MAC flooding

D. DoS

Answer: C


Question No: 14

If the native VLAN on a trunk is different on each end of the link, what is a potential consequence?

A. The interface on both switches may shut down

B. STP loops may occur

C. The switch with the higher native VLAN may shut down

D. The interface with the lower native VLAN may shut down

Answer: B


Question No: 15

In a security context, which action can you take to address compliance?

A. Implement rules to prevent a vulnerability.

B. Correct or counteract a vulnerability.

C. Reduce the severity of a vulnerability.

D. Follow directions from the security appliance manufacturer to remediate a vulnerability.

Answer: A


Question No: 16

Which option is a key security component of an MDM deployment?

A. using MS-CHAPv2 as the primary EAP method.

B. using self-signed certificates to validate the server.

C. using network-specific installer packages

D. using an application tunnel by default.

Answer: B


Question No: 17

Which filter uses in Web reputation to prevent from Web Based Attacks? (Choose two)

A. outbreak filter

B. buffer overflow filter

C. bayesian overflow filter

D. web reputation

E. exploit filtering

Answer: A,D


Question No: 18

Which type of Cisco ASA access list entry can be configured to match multiple entries in a single statement?

A. nested object-class

B. class-map

C. extended wildcard matching

D. object groups

Answer: D

Explanation:

Reference: http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/objectgroups.html

Information About Object Groups

By grouping like objects together, you can use the object group in an ACE instead of having to enter an ACE for each object separately. You can create the following types of object groups:

u2022Protocol

u2022Network

u2022Service

u2022ICMP type

For example, consider the following three object groups:

u2022MyServices u2014 Includes the TCP and UDP port numbers of the service requests that are allowed access to the internal network.

u2022TrustedHosts u2014 Includes the host and network addresses allowed access to the greatest range of services and servers.

u2022PublicServers u2014 Includes the host addresses of servers to which the greatest access is provided.

After creating these groups, you could use a single ACE to allow trusted hosts to make

specific service requests to a group of public servers. You can also nest object groups in other object groups.


Question No: 19

A proxy firewall protects against which type of attack?

A. cross-site scripting attack

B. worm traffic

C. port scanning

D. DDoS attacks

Answer: A


100% Most up-to-date Cisco 210-260 Questions & Answers shared by Thedumpscentre, Get HERE: http://www.thedumpscentre.com/210-260-dumps/ (New 310 Q&As)