This page was exported from PassLeader New Cisco Exam Dumps - CCNA, CCNP, CCIE, DevNet, CCDE Certification Exam Dumps VCE and PDF and Braindumps and Practice Tests [ https://www.ciscovceplus.com ] Export date:Sun Mar 24 6:08:34 2024 / +0000 GMT ___________________________________________________ Title: Cisco CCNA Security 210-260 Dumps With VCE and PDF Download (Question 1 - Question 20) --------------------------------------------------- New 210-260 exam questions from PassLeader 210-260 dumps! Welcome to download the newest PassLeader 210-260 VCE and PDF dumps: http://www.passleader.com/210-260.html (488 Q&As --> 520 Q&As --> 537 Q&As --> 553 Q&As) P.S. Free 210-260 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg QUESTION 1 Which statement about communication over failover interfaces is true? A.    All information that is sent over the failover interface is sent as clear text, but the stateful failover link is encrypted by default. B.    All information that is sent over the failover and stateful failover interfaces is encrypted by default. C.    All information that is sent over the failover and stateful failover interfaces is sent as clear text by default. D.    Usernames, password and preshared keys are encrypted by default when they are sent over the failover and stateful failover interfaces, but other information is sent as clear text. Answer: C QUESTION 2 Which three ESP fields can be encrypted during transmission? (Choose three) A.    Security Parameter Index B.    Sequence Number C.    MAC Address D.    Padding E.    Pad Length F.    Next Header Answer: DEF QUESTION 3 According to Cisco best practices, which three protocols should the default ACL allow an access port to enable wired BYOD devices to supply valid credentials and connect to the network? (Choose three) A.    BOOTP B.    TFTP C.    DNS D.    MAB E.    HTTP F.    802.1x Answer: ABC QUESTION 4 Refer to the exhibit. If a supplicant supplies incorrect credentials for all authentication methods configured on the switch, how will the switch respond? A.    The switch will cycle through the configured authentication methods indefinitely. B.    The supplicant will fail to advance beyond the webauth method. C.    The authentication attempt will time out and the switch will place the port into the unathorized state. D.    The authentication attempt will time out and the switch will place the port into VLAN 101. Answer: B QUESTION 5 Which SOURCEFIRE logging action should you choose to record the most detail about a connection. A.    Enable logging at the beginning of the session B.    Enable logging at the end of the session C.    Enable alerts via SNMP to log events off-box D.    Enable eStreamer to log events off-box Answer: B QUESTION 6 What type of algorithm uses the same key to encryp and decrypt data? A.    a symmetric algorithm B.    an asymetric algorithm C.    a Public Key infrastructure algorithm D.    an IP Security algorithm Answer: A QUESTION 7 If a packet matches more than one class map in an individual feature type's policy map, how does the ASA handle the packet? A.    The ASA will apply the actions from only the most specific matching class map it finds for the feature type. B.    The ASA will apply the actions from all matching class maps it finds for the feature type. C.    The ASA will apply the actions from only the last matching class map it finds for the feature type. D.    The ASA will apply the actions from only the first matching class map it finds for the feature type. Answer: D QUESTION 8 You have implemented a Sourcefire IPS and configured it to block certain addresses utilizing Security Intelligence IP address Reputation. A user calls and is not able to access a certain IP address. What action can you take to allow the user access to the IP address? A.    Create a custom blacklist to allow traffic. B.    Create a whitelist and add the appropriate IP address to allow traffic. C.    Create a user based access control rule to allo the traffic. D.    Create a network based access control rule to allow the traffic. E.    Create a rule to bypass inspection to allow the traffic. Answer: B QUESTION 9 Which EAP method uses protected Access Credentials? A.    EAP-TLS B.    EAP-PEAP C.    EAP-FAST D.    EAP-GTC Answer: C QUESTION 10 In which two situations should you use out-of-band management? (Choose two) A.    when a network device fails to forward packets B.    when management applications need concurrent access to the device C.    when you require ROMMON access D.    when you require administrator's access from multiple locations E.    when the control plane fails to respond Answer: AC QUESTION 11 What features can protect the data plane? (Choose three.) A.    policing B.    ACLs C.    IPS D.    antispoofing E.    QoS F.    DHCP-snooping Answer: BDF QUESTION 12 How many crypto map sets can you apply to a router interface? A.    3 B.    2 C.    4 D.    1 Answer: D QUESTION 13 What is the transition order of STP states on a Layer 2 switch interface? A.    listening, learning, blocking, forwarding, disabled B.    listening, blocking, learning, forwarding, disabled C.    blocking, listening, learning, forwarding, disabled D.    forwarding, listening, learning, blocking, disabled Answer: C QUESTION 14 Which sensor mode can deny attackers inline? A.    IPS B.    fail-close C.    IDS D.    fail-open Answer: A QUESTION 15 Which options are filtering options used to display SDEE message types? A.    stop B.    none C.    error D.    all Answer: CD QUESTION 16 When a company puts a security policy in place, what is the effect on the company's business? A.    Minimizing risk B.    Minimizing total cost of ownership C.    Minimizing liability D.    Maximizing compliance Answer: A QUESTION 17 Which wildcard mask is associated with a subnet mask of /27? A.    0.0.0.31 B.    0.0.0.27 C.    0.0.0.224 D.    0.0.0.255 Answer: A QUESTION 18 Which statements about reflexive access lists are true? A.    Reflexive access lists create a permanent ACE B.    Reflexive access lists approximate session filtering using the established keyword C.    Reflexive access lists can be attached to standard named IP ACLs D.    Reflexive access lists support UDP sessions E.    Reflexive access lists can be attached to extended named IP ACLs F.    Reflexive access lists support TCP sessions Answer: DEF QUESTION 19 Which actions can a promiscuous IPS take to mitigate an attack? A.    modifying packets B.    requesting connection blocking C.    denying packets D.    resetting the TCP connection E.    requesting host blocking F.    denying frames Answer: BDE QUESTION 20 Which Cisco Security Manager application collects information about device status and uses it to generate notifications and alerts? A.    FlexConfig B.    Device Manager C.    Report Manager D.    Health and Performance Monitor Answer: D Explanation: "Report Manager - Collects, displays and exports network usage and security information for ASA and IPS devices, and for remote-access IPsec and SSL VPNs. These reports aggregate security data such as top sources, destinations, attackers, victims, as well as security information such as top bandwidth, duration, and throughput users. Data is also aggregated for hourly, daily, and monthly periods." And "Health and Performance Monitor (HPM)? Monitors and displays key health, performance and VPN data for ASA and IPS devices in your network. This information includes critical and non-critical issues, such as memory usage, interface status, dropped packets, tunnel status, and so on. You also can categorize devices for normal or priority monitoring, and set different alert rules for the priority devices." New 210-260 exam questions from PassLeader 210-260 dumps! Welcome to download the newest PassLeader 210-260 VCE and PDF dumps: http://www.passleader.com/210-260.html (488 Q&As --> 520 Q&As --> 537 Q&As --> 553 Q&As) P.S. Free 210-260 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg --------------------------------------------------- Images: http://www.ciscovceplus.com/wp-content/uploads/2016/11/passleader-210-260-dumps-41_thumb.jpg --------------------------------------------------- --------------------------------------------------- Post date: 2018-07-01 14:52:13 Post date GMT: 2018-07-01 14:52:13 Post modified date: 2019-11-28 09:34:37 Post modified date GMT: 2019-11-28 09:34:37 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com