latest Cisco CCNA Security 210-260 dumps questions and Answers | Real and effective
We share the latest exam dumps throughout the year to help you improve your skills and experience! The latest Cisco CCNA Security 210-260 exam dumps, online exam Practice test to test your strength, Cisco 210-260 “Implementing Cisco Network Security (IINS) v3.0” in https://www.leads4pass.com/210-260.html Update
the exam content throughout the year to ensure that all exam content is authentic and valid. 210-260 PDF Online download for easy learning.
[PDF] Free Cisco CCNA Security 210-260 pdf dumps download from Google Drive: https://drive.google.com/open?id=18g6SvjFACTYNFLSKSTyQQ9v_tk78GEnN
[PDF] Free Full Cisco pdf dumps download from Google Drive: https://drive.google.com/open?id=1CMo2G21nPLf7ZmI-3_hBpr4GDKRQWrGx
210-260 IINS – Cisco: https://www.cisco.com/c/en/us/training-events/training-certifications/exams/current-list/iins-210-260.html
Free test Cisco CCNA Security 210-260 Exam questions and Answers
QUESTION 1
Which two statement about stateless firewalls is true? (Choose two)
A. the Cisco ASA is implicitly stateless because it blocks all traffic by default.
B. They compare the 5-tuple of each incoming packets against configurable rules.
C. They cannot track connections..
D. They are designed to work most efficiently with stateless protocols such as HTTP or HTTPS..
E. Cisco IOS cannot implement them because the platform is Stateful by nature
Correct Answer: BC
5-tuple is: source/destination IP, ports, and protocols. Stateless firewalls cannot track connections.
QUESTION 2
What feature defines a campus area network?
A. It has a single geographic location.
B. It has limited or restricted Internet access.
C. It has a limited number of segments.
D. it lacks external connectivity.
Correct Answer: A
QUESTION 3
Which two characteristics of symmetric encryption are true? (Choose two)
A. It uses digital certificates.
B. It uses a public key and a private key to encrypt and decrypt traffic.
C. it requires more resources than asymmetric encryption
D. it is faster than asymmetric encryption
E. It uses the same key to encrypt and decrypt the traffic.
Correct Answer: DE
http://searchsecurity.techtarget.com/definition/secret-key-algorithm
QUESTION 4
When is “Deny all” policy an exception in Zone Based Firewall
A. traffic traverses 2 interfaces in same zone
B. traffic sources from router via self zone
C. traffic terminates on router via self zone
D. traffic traverses 2 interfaces in different zones
E. traffic terminates on router via self zone
Correct Answer: A
+
There is a default zone, called the self zone, which is a logical zone. For any packets directed to the router directly (the
destination IP represents the packet is for the router), the router automatically considers that traffic to be entering the
self zone. In addition, any traffic initiated by the router is considered as leaving the self zone.
By default, any traffic to or from the self zone is allowed, but you can change this policy.
+
For the rest of the administrator-created zones, no traffic is allowed between interfaces in different zones.
+
For interfaces that are members of the same zone, all traffic is permitted by default.
QUESTION 5
What are two well-known security terms? (Choose Two)
A. Phishing.
B. BPDU guard
C. LACP
D. ransomeware
E. hair-pinning
Correct Answer: AD
QUESTION 6
Which SOURCEFIRE logging action should you choose to record the most detail about a connection.
A. Enable logging at the beginning of the session
B. Enable logging at the end of the session
C. Enable alerts via SNMP to log events off-box
D. Enable eStreamer to log events off-box
Correct Answer: B
QUESTION 7
Which type of address translation should be used when a Cisco ASA is in transparent mode?
A. Static NAT
B. Dynamic NAT
C. Overload
D. Dynamic PAT
Correct Answer: A
QUESTION 8
Refer to the exhibit. What is the effect of the given configuration?
A. The two routers receive normal updates from one another
B. It enables authentication
C. It prevents keycham authentication
D. The two devices are able to pass the message digest to one another.
Correct Answer: D
QUESTION 9
What is the most common implementation of PAT in a standard networked environment?
A. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
B. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
C. configuring multiple external hosts to join the self-zone and to communicate with one another
D. configuring an any any rule to enable external hosts to communicate inside the network
Correct Answer: A
QUESTION 10
Which feature filters CoPP packets?
A. Policy maps
B. route maps
C. access control lists
D. class maps
Correct Answer: C
QUESTION 11
Which tool can an attacker use to attempt a DDos attack?
A. botnet
B. Trojan horse
C. virus
D. adware
Correct Answer: A
QUESTION 12
Which privileged level is … by default? for user exec mode
A. 0
B. 1
C. 2
D. 5
E. 15
Correct Answer: B
User EXEC mode commands are privilege level 1 Privileged EXEC mode and configuration mode commands are
privilege level 15. http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/command/reference/fsecur_r/srfpass.html
QUESTION 13
Which two features do CoPP and CPPr use to protect the control plane? (Choose two.)
A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
Correct Answer: AB
We share 13 of the latest Cisco CCNA Security 210-260 exam dumps and 210-260 pdf online download for free.Now you know what you’re capable of! If you’re just interested in this, please keep an eye on “Newxpass.com” blog updates! If you want to get the Cisco CCNA Security 210-260 Exam Certificate: https://www.leads4pass.com/210-260.html (Total questions: 487 Q&A).
Related 210-260 Popular Exam resources
| title | youtube | 210-260 IINS – Cisco | lead4pass | |
|---|---|---|---|---|
| Cisco 210-260 | lead4pass 210-260 dumps pdf | lead4pass 210-260 youtube | 210-260 IINS – Cisco | https://www.leads4pass.com/210-260.html |
| Cisco CCNA Security | https://www.leads4pass.com/210-260.html | https://www.leads4pass.com/640-554.html |
Lead4pass Promo Code 12% Off
Why Choose Lead4pass?
Lead4Pass helps you pass the exam easily! We compare data from all websites in the network, other sites are expensive,and the data is not up to date, Lead4pass updates data throughout the year. The pass rate of the exam is above 98.9%.
