Proper study guides for Most recent Cisco Implementing Cisco Network Security certified begins with Cisco ccna security 210 260 book preparation products which designed to deliver the Certified ccna security 210 260 official cert guide questions by making you pass the ccna security 210 260 dumps pdf test at your first time. Try the free ccna security 210 260 dumps pdf free download demo right now.

Q1. Which three ESP fields can be encrypted during transmission? (Choose three.) 

A. Security Parameter Index 

B. Sequence Number 

C. MAC Address 

D. Padding 

E. Pad Length 

F. Next Header 

Answer: D,E,F 

Q2. Which Sourcefire logging action should you choose to record the most detail about a connection? 

A. Enable logging at the end of the session. 

B. Enable logging at the beginning of the session. 

C. Enable alerts via SNMP to log events off-box. 

D. Enable eStreamer to log events off-box. 


Q3. In which two situations should you use out-of-band management? (Choose two.) 

A. when a network device fails to forward packets 

B. when you require ROMMON access 

C. when management applications need concurrent access to the device 

D. when you require administrator access from multiple locations 

Cisco 210-260 : Practice Test 

E. when the control plane fails to respond 

Answer: A,B 

Q4. If a switch receives a superior BPDU and goes directly into a blocked state, what mechanism must be in use? 

A. root guard 

B. EtherChannel guard 

C. loop guard 

D. BPDU guard 


Q5. What is the only permitted operation for processing multicast traffic on zone-based firewalls? 

A. Only control plane policing can protect the control plane against multicast traffic. 

B. Stateful inspection of multicast traffic is supported only for the self-zone. 

C. Stateful inspection for multicast traffic is supported only between the self-zone and the internal zone. 

D. Stateful inspection of multicast traffic is supported only for the internal zone. 


Q6. After reloading a router, you issue the dir command to verify the installation and observe that the image file appears to be missing. For what reason could the image file fail to appear in the dir output? 

A. The secure boot-image command is configured. 

B. The secure boot-comfit command is configured. 

C. The confreg 0x24 command is configured. 

D. The reload command was issued from ROMMON. 


Q7. When is the best time to perform an anti-virus signature update? 

A. Every time a new update is available. 

B. When the local scanner has detected a new virus. 

C. When a new virus is discovered in the wild. 

D. When the system detects a browser hook. 


Q8. Refer to the exhibit. 

What is the effect of the given command sequence? 

A. It configures IKE Phase 1. 

B. It configures a site-to-site VPN tunnel. 

C. It configures a crypto policy with a key size of 14400. 

D. It configures IPSec Phase 2. 


Q9. Which tool can an attacker use to attempt a DDoS attack? 

A. botnet 

B. Trojan horse 

C. virus 

D. adware 


Q10. What is a reason for an organization to deploy a personal firewall? 

A. To protect endpoints such as desktops from malicious activity. 

B. To protect one virtual network segment from another. 

C. To determine whether a host meets minimum security posture requirements. 

D. To create a separate, non-persistent virtual environment that can be destroyed after a session. 

E. To protect the network from DoS and syn-flood attacks.