Proper study guides for Improve Cisco Implementing Cisco Network Security certified begins with Cisco 210-260 preparation products which designed to deliver the High quality 210-260 questions by making you pass the 210-260 test at your first time. Try the free 210-260 demo right now.

2016 Dec ccna security training:

Q31. Refer to the exhibit. 

What type of firewall would use the given configuration line? 

A. a stateful firewall 

B. a personal firewall 

C. a proxy firewall 

D. an application firewall 

E. a stateless firewall 

Answer:


Q32. What is the effect of the send-lifetime local 23:59:00 31 December 31 2013 infinite command? 

A. It configures the device to begin transmitting the authentication key to other devices at 00:00:00 local time on January 1, 2014 and continue using the key indefinitely. 

B. It configures the device to begin transmitting the authentication key to other devices at 23:59:00 local time on December 31, 2013 and continue using the key indefinitely. 

C. It configures the device to begin accepting the authentication key from other devices immediately and stop accepting the key at 23:59:00 local time on December 31, 2013. 

D. It configures the device to generate a new authentication key and transmit it to other devices at 23:59:00 local time on December 31, 2013. 

E. It configures the device to begin accepting the authentication key from other devices at 23:59:00 local time on December 31, 2013 and continue accepting the key indefinitely. 

F. It configures the device to begin accepting the authentication key from other devices at 00:00:00 local time on January 1, 2014 and continue accepting the key indefinitely. 

Answer:


Q33. Refer to the exhibit. 

If a supplicant supplies incorrect credentials for all authentication methods configured on the switch, how will the switch respond? 

A. The supplicant will fail to advance beyond the webauth method. 

B. The switch will cycle through the configured authentication methods indefinitely. 

C. The authentication attempt will time out and the switch will place the port into the unauthorized state. 

D. The authentication attempt will time out and the switch will place the port into VLAN 101. 

Answer:


Q34. After reloading a router, you issue the dir command to verify the installation and observe that the image file appears to be missing. For what reason could the image file fail to appear in the dir output? 

A. The secure boot-image command is configured. 

B. The secure boot-comfit command is configured. 

C. The confreg 0x24 command is configured. 

D. The reload command was issued from ROMMON. 

Answer:


Q35. What is the only permitted operation for processing multicast traffic on zone-based firewalls? 

A. Only control plane policing can protect the control plane against multicast traffic. 

B. Stateful inspection of multicast traffic is supported only for the self-zone. 

C. Stateful inspection for multicast traffic is supported only between the self-zone and the internal zone. 

D. Stateful inspection of multicast traffic is supported only for the internal zone. 

Answer:


Renewal cisco ccna security exam:

Q36. What three actions are limitations when running IPS in promiscuous mode? (Choose three.) 

A. deny attacker 

B. deny packet 

C. modify packet 

D. request block connection 

E. request block host 

F. reset TCP connection 

Cisco 210-260 : Practice Test 

Answer: A,B,C 


Q37. In which two situations should you use out-of-band management? (Choose two.) 

A. when a network device fails to forward packets 

B. when you require ROMMON access 

C. when management applications need concurrent access to the device 

D. when you require administrator access from multiple locations 

Cisco 210-260 : Practice Test 

E. when the control plane fails to respond 

Answer: A,B 


Q38. What can the SMTP preprocessor in FirePOWER normalize? 

A. It can extract and decode email attachments in client to server traffic. 

B. It can look up the email sender. 

C. It compares known threats to the email sender. 

D. It can forward the SMTP traffic to an email filter server. 

E. It uses the Traffic Anomaly Detector. 

Answer:


Q39. Scenario 

In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN configurations. 

To access ASDM, click the ASA icon in the topology diagram. 

Note: Not all ASDM functionalities are enabled in this simulation. 

To see all the menu options available on the left navigation pane, you may also need to un-expand the expanded menu first. 

Which four tunneling protocols are enabled in the DfltGrpPolicy group policy? (Choose four) 

A. Clientless SSL VPN 

B. SSL VPN Client 

C. PPTP 

D. L2TP/IPsec 

E. IPsec IKEv1 

F. IPsec IKEv2 

Cisco 210-260 : Practice Test 

Answer: A,D,E,F 

Explanation: 

By clicking one the Configuration-> Remote Access -> Clientless CCL VPN Access-> Group Policies tab you can view the DfltGrpPolicy protocols as shown below: 

Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.00.18 AM.png 


Q40. Refer to the exhibit. 

Which statement about the device time is true? 

A. The time is authoritative, but the NTP process has lost contact with its servers. 

B. The time is authoritative because the clock is in sync. 

C. The clock is out of sync. 

D. NTP is configured incorrectly. 

E. The time is not authoritative. 

Answer: