web analytics

[27-Oct-2019] New 210-260 Dumps with VCE and PDF from PassLeader (Update Questions)

New 210-260 exam questions from PassLeader 210-260 dumps! Welcome to download the newest PassLeader 210-260 VCE and PDF dumps: https://www.passleader.com/210-260.html (537 Q&As)

P.S. Free 210-260 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg

NEW QUESTION 522
Which path do you follow to enable AAA through the SDM?

A.    Configure > Tasks > AAA
B.    Configure > Authentication > AAA
C.    Configure > Additioonal Authentication > AAA
D.    Configure > Additional Tasks > AAA
E.    Configure > AAA

Answer: D

NEW QUESTION 523
What aims to remove the ability to deny an action?

A.    Integrity
B.    Deniability
C.    Accountability
D.    Non-Repudiation

Answer: D

NEW QUESTION 524
In which two models can the Cisco Web Security Appliance be deployed? (Choose two.)

A.    as a transparent proxy using the Secure Sockets Layer Protocol
B.    as a transparent proxy using the HyperText Transfer Protocol
C.    explicit active mode
D.    as a transparent proxy using the Web Cache Communication Protocol
E.    explicit proxy mode

Answer: DE

NEW QUESTION 525
Which two statements about hardware-based encryption are true? (Choose two.)

A.    It is potentially easier to compromise than software-based encryption.
B.    It requires minimal configuration.
C.    It can be implemented without impacting performance.
D.    It is widely accessible.
E.    It is highly cost-effective.

Answer: CE

NEW QUESTION 526
What is the main purpose of Control Plane Policing?

A.    to prevent exhaustion of route-processor resources
B.    to organize the egress packet queues
C.    to define traffic classes
D.    to maintain the policy map

Answer: A

NEW QUESTION 527
What is the best definition of hairpinning?

A.    ingress traffic that traverses the outbound interface on a device
B.    traffic that enters and exits a device through the same interface
C.    traffic that enters one interface on a device and that exits through another interface
D.    traffic that tunnels through a device interface

Answer: B

NEW QUESTION 528
How can you mitigate DCE/RPC evasion techniques while allowing access to the DCE/RPC service?

A.    Update the IPS signature for HTTPS to validate DCE/RPC connections.
B.    Block suspicious hosts from DCE/RPC port 593.
C.    Tunnel DCE/RPC traffic through GRE.
D.    Configure the DCE/RPC preprocessor.

Answer: B

NEW QUESTION 529
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?

A.    authPriv
B.    authNoPriv
C.    noAuthPriv
D.    noAuthNoPriv

Answer: B

NEW QUESTION 530
Which type of firewall can perform deep packet inspection?

A.    application firewall
B.    stateless firewall
C.    packet-filtering firewall
D.    personal firewall

Answer: A

NEW QUESTION 531
Which type of mechanism does Cisco FirePOWER deploy to protect against email threats that are detected moving across other networks?

A.    signature-based
B.    reputation-based
C.    antivirus scanning
D.    policy-based

Answer: B

NEW QUESTION 532
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for business purposes. Which action can you take to retain the blacklist while allowing users to access the approved sites?

A.    Create a whitelist and manually add the approved addresses.
B.    Edit the dynamic blacklist to remove the approved addresses.
C.    Disable the dynamic blacklist and deny the specific address on a whitelist while permitting the others.
D.    Disable the dynamic blacklist and create a static blacklist in its place.

Answer: A

NEW QUESTION 533
Which command enables port security to use sticky MAC addresses on a switch?

A.    switchport port-security mac-address sticky
B.    switchport port-security
C.    switchport port-security violation protect
D.    switchport port-security violation restrict

Answer: A

NEW QUESTION 534
Which attack can be prevented by OSPF authentication?

A.    smurf attack
B.    IP spoofing attack
C.    Denial of service attack
D.    buffer overflow attack

Answer: B

NEW QUESTION 535
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?

A.    CTA
B.    AMP
C.    DLP
D.    DCA

Answer: C

NEW QUESTION 536
……


New 210-260 exam questions from PassLeader 210-260 dumps! Welcome to download the newest PassLeader 210-260 VCE and PDF dumps: https://www.passleader.com/210-260.html (537 Q&As)

P.S. Free 210-260 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg