Proper study guides for Up to the minute Cisco Implementing Cisco Network Security certified begins with Cisco cisco ccna security 210 260 preparation products which designed to deliver the Approved ccna 210 260 questions by making you pass the ccna security 210 260 official cert guide pdf free download test at your first time. Try the free ccna 210 260 demo right now.

Q21. Which tool can an attacker use to attempt a DDoS attack? 

A. botnet 

B. Trojan horse 

C. virus 

D. adware 

Answer:


Q22. In what type of attack does an attacker virtually change a device's burned-in address in an attempt to circumvent access lists and mask the device's true identity? 

A. gratuitous ARP 

B. ARP poisoning 

C. IP spoofing 

D. MAC spoofing 

Answer:


Q23. If a packet matches more than one class map in an individual feature type's policy map, how does the ASA handle the packet? 

A. The ASA will apply the actions from only the first matching class map it finds for the feature type. 

B. The ASA will apply the actions from only the most specific matching class map it finds for the feature type. 

C. The ASA will apply the actions from all matching class maps it finds for the feature type. 

D. The ASA will apply the actions from only the last matching class map it finds for the feature type. 

Answer:


Q24. When is the best time to perform an anti-virus signature update? 

A. Every time a new update is available. 

B. When the local scanner has detected a new virus. 

C. When a new virus is discovered in the wild. 

D. When the system detects a browser hook. 

Answer:


Q25. In which three ways does the TACACS protocol differ from RADIUS? (Choose three.) 

A. TACACS uses TCP to communicate with the NAS. 

B. TACACS can encrypt the entire packet that is sent to the NAS. 

C. TACACS supports per-command authorization. 

D. TACACS authenticates and authorizes simultaneously, causing fewer packets to be transmitted. 

E. TACACS uses UDP to communicate with the NAS. 

F. TACACS encrypts only the password field in an authentication packet. 

Answer: A,B,C 


Q26. If a switch receives a superior BPDU and goes directly into a blocked state, what mechanism must be in use? 

A. root guard 

B. EtherChannel guard 

C. loop guard 

D. BPDU guard 

Answer:


Q27. A specific URL has been identified as containing malware. What action can you take to block users from accidentally visiting the URL and becoming infected with malware. 

A. Enable URL filtering on the perimeter router and add the URLs you want to block to the router's local URL list. 

B. Enable URL filtering on the perimeter firewall and add the URLs you want to allow to the router's local URL list. 

C. Enable URL filtering on the perimeter router and add the URLs you want to allow to the firewall's local URL list. 

D. Create a blacklist that contains the URL you want to block and activate the blacklist on the perimeter router. 

E. Create a whitelist that contains the URLs you want to allow and activate the whitelist on the perimeter router. 

Answer:


Q28. Refer to the exhibit. 

How many times was a read-only string used to attempt a write operation? 

A. 9 

B. 6 

C. 4 

D. 3 

E. 2 

Answer:


Q29. What type of security support is provided by the Open Web Application Security Project? 

A. Education about common Web site vulnerabilities. 

B. A Web site security framework. 

C. A security discussion forum for Web site developers. 

D. Scoring of common vulnerabilities and exposures. 

Answer:


Q30. In a security context, which action can you take to address compliance? 

A. Implement rules to prevent a vulnerability. 

B. Correct or counteract a vulnerability. 

C. Reduce the severity of a vulnerability. 

D. Follow directions from the security appliance manufacturer to remediate a vulnerability. 

Answer: