Want to know Pass4sure 210-260 Exam practice test features? Want to lear more about Cisco Implementing Cisco Network Security certification experience? Study Printable Cisco 210-260 answers to Most recent 210-260 questions at Pass4sure. Gat a success with an absolute guarantee to pass Cisco 210-260 (Implementing Cisco Network Security) test on your first attempt.

2017 Mar 210-260 brain dumps

Q21. Refer to the exhibit. 

While troubleshooting site-to-site VPN, you issued the show crypto ipsec sa command. What does the given output show? 

A. IPSec Phase 2 is established between 10.1.1.1 and 10.1.1.5. 

B. ISAKMP security associations are established between 10.1.1.5 and 10.1.1.1. 

C. IKE version 2 security associations are established between 10.1.1.1 and 10.1.1.5. 

D. IPSec Phase 2 is down due to a mismatch between encrypted and decrypted packets. 

Answer:


Q22. You have implemented a Sourcefire IPS and configured it to block certain addresses utilizing Security Intelligence IP Address Reputation. A user calls and is not able to access a certain IP address. What action can you take to allow the user access to the IP address? 

A. Create a whitelist and add the appropriate IP address to allow the traffic. 

B. Create a custom blacklist to allow the traffic. 

C. Create a user based access control rule to allow the traffic. 

D. Create a network based access control rule to allow the traffic. 

E. Create a rule to bypass inspection to allow the traffic. 

Answer:


Q23. What are two default Cisco IOS privilege levels? (Choose two.) 

A. 0 

B. 1 

C. 5 

D. 7 

E. 10 

F. 15 

Answer: B,F 


Q24. Which tool can an attacker use to attempt a DDoS attack? 

A. botnet 

B. Trojan horse 

C. virus 

D. adware 

Answer:


Q25. Scenario 

In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN configurations. 

To access ASDM, click the ASA icon in the topology diagram. 

Note: Not all ASDM functionalities are enabled in this simulation. 

To see all the menu options available on the left navigation pane, you may also need to un-expand the expanded menu first. 

Which four tunneling protocols are enabled in the DfltGrpPolicy group policy? (Choose four) 

A. Clientless SSL VPN 

B. SSL VPN Client 

C. PPTP 

D. L2TP/IPsec 

E. IPsec IKEv1 

F. IPsec IKEv2 

Cisco 210-260 : Practice Test 

Answer: A,D,E,F 

Explanation: 

By clicking one the Configuration-> Remote Access -> Clientless CCL VPN Access-> Group Policies tab you can view the DfltGrpPolicy protocols as shown below: 

Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.00.18 AM.png 


Up to the minute 210-260 question:

Q26. What type of algorithm uses the same key to encrypt and decrypt data? Cisco 210-260 : Practice Test 

A. a symmetric algorithm 

B. an asymmetric algorithm 

C. a Public Key Infrastructure algorithm 

D. an IP security algorithm 

Answer:


Q27. What is a reason for an organization to deploy a personal firewall? 

A. To protect endpoints such as desktops from malicious activity. 

B. To protect one virtual network segment from another. 

C. To determine whether a host meets minimum security posture requirements. 

D. To create a separate, non-persistent virtual environment that can be destroyed after a session. 

E. To protect the network from DoS and syn-flood attacks. 

Answer:


Q28. For what reason would you configure multiple security contexts on the ASA firewall? 

A. To separate different departments and business units. 

B. To enable the use of VRFs on routers that are adjacently connected. 

C. To provide redundancy and high availability within the organization. 

D. To enable the use of multicast routing and QoS through the firewall. 

Answer:


Q29. What type of security support is provided by the Open Web Application Security Project? 

A. Education about common Web site vulnerabilities. 

B. A Web site security framework. 

C. A security discussion forum for Web site developers. 

D. Scoring of common vulnerabilities and exposures. 

Answer:


Q30. Which two next-generation encryption algorithms does Cisco recommend? (Choose two.) 

A. AES 

B. 3DES 

C. DES 

D. MD5 

E. DH-1024 

F. SHA-384 

Answer: A,F