Want to Pass 210-260 Exam In Next HOURS? Get it now →
May 11, 2018

Super ways to ccna security 210 260 official cert guide pdf download

Cause all that matters here is passing the Cisco ccna security 210 260 official cert guide pdf download exam. Cause all that you need is a high score of 210 260 dumps IINS Implementing Cisco Network Security exam. The only one thing you need to do is downloading Pass4sure ccna 210 260 exam study guides now. We will not let you down with our money-back guarantee.

P.S. Simulation 210-260 Q&A are available on Google Drive, GET MORE: https://drive.google.com/open?id=15-c9rTF9Mlkw5H3RVg0ANt7WlKNsZNZm

New Cisco 210-260 Exam Dumps Collection (Question 15 - Question 24)

Question No: 15

What three actions are limitations when running IPS in promiscuous mode? (Choose three.)

A. deny attacker

B. deny packet

C. modify packet

D. request block connection

E. request block host

F. reset TCP connection

Answer: A,B,C

Question No: 16

Which two next-generation encryption algorithms does Cisco recommend? (Choose two.)




D. MD5

E. DH-1024

F. SHA-384

Answer: A,F

Question No: 17

When an administrator initiates a device wipe command from the ISE, what is the immediate effect?

A. It requests the administrator to choose between erasing all device data or only managed corporate data.

B. It requests the administrator to enter the device PIN or password before proceeding with the operation.

C. It notifies the device user and proceeds with the erase operation.

D. It immediately erases all data on the device.

Answer: A

Question No: 18

A specific URL has been identified as containing malware. What action can you take to block users from accidentally visiting the URL and becoming infected with malware.

A. Enable URL filtering on the perimeter router and add the URLs you want to block to the router's local URL list.

B. Enable URL filtering on the perimeter firewall and add the URLs you want to allow to the router's local URL list.

C. Enable URL filtering on the perimeter router and add the URLs you want to allow to the firewall's local URL list.

D. Create a blacklist that contains the URL you want to block and activate the blacklist on the perimeter router.

E. Create a whitelist that contains the URLs you want to allow and activate the whitelist on the perimeter router.

Answer: A

Question No: 19

Which type of Cisco ASA access list entry can be configured to match multiple entries in a single statement?

A. nested object-class

B. class-map

C. extended wildcard matching

D. object groups

Answer: D


Reference: http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/objectgroups.html

Information About Object Groups

By grouping like objects together, you can use the object group in an ACE instead of having to enter an ACE for each object separately. You can create the following types of object groups:




u2022ICMP type

For example, consider the following three object groups:

u2022MyServices u2014 Includes the TCP and UDP port numbers of the service requests that are allowed access to the internal network.

u2022TrustedHosts u2014 Includes the host and network addresses allowed access to the greatest range of services and servers.

u2022PublicServers u2014 Includes the host addresses of servers to which the greatest access is provided.

After creating these groups, you could use a single ACE to allow trusted hosts to make

specific service requests to a group of public servers. You can also nest object groups in other object groups.

Question No: 20

According to Cisco best practices, which three protocols should the default ACL allow on an access port to enable wired BYOD devices to supply valid credentials and connect to the network? (Choose three.)






F. 802.1x

Answer: A,B,C

Question No: 21

Refer to the exhibit.

What type of firewall would use the given configuration line?

A. a stateful firewall

B. a personal firewall

C. a proxy firewall

D. an application firewall

E. a stateless firewall

Answer: A

Question No: 22

Which three statements describe DHCP spoofing attacks? (Choose three.)

A. They can modify traffic in transit.

B. They are used to perform man-in-the-middle attacks.

C. They use ARP poisoning.

D. They can access most network devices.

E. They protect the identity of the attacker by masking the DHCP address.

F. They are can physically modify the network gateway.

Answer: A,B,C

Question No: 23

What IPSec mode is used to encrypt traffic between a server and VPN endpoint?

A. tunnel

B. Trunk

C. Aggregated

D. Quick

E. Transport

Answer: E

Question No: 24

Which IDS/IPS solution can monitor system processes and resources?





Answer: B

see more free 210-260 exam dumps

P.S. Easily pass 210-260 Exam with Thedumpscentre Simulation Dumps & pdf vce, Try Free: http://www.thedumpscentre.com/210-260-dumps/ (310 New Questions)