web analytics

PassLeader Valid 210-260 Dumps with VCE and PDF (Question 71 – Question 90)

New 210-260 exam questions from PassLeader 210-260 dumps! Welcome to download the newest PassLeader 210-260 VCE and PDF dumps: http://www.passleader.com/210-260.html (193 Q&As)

P.S. Free 210-260 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg

QUESTION 71
In what type of attack does an attacker virtually change a devices burned in address in an attempt to circumvent access lists and mask the device’s true identity?

A.    gratuitous ARP
B.    ARP poisoning
C.    IP Spoofing
D.    MAC Spoofing

Answer: D

QUESTION 72
How does a zone-based firewall implementation handle traffic between Interfaces in the same Zone?

A.    traffic between interfaces in the same zone is blocked unless yoc configure the same-security permit command
B.    Traffic between interfaces in the same zone is always blocked
C.    Traffic between two interfaces in the same zone is allowed by default
D.    Traffic between interfaces in the same zone is blocked unless you apply a service policy to the zone pair

Answer: C

QUESTION 73
An attacker installs a rogue switch that sends superior BPDUs on your network. What is a possible result of this activity?

A.    The switch could offer fake DHCP addresses.
B.    The switch could become the root bridge.
C.    The switch could be allowed to join the VTP domain.
D.    The switch could become a transparent bridge.

Answer: B

QUESTION 74
Which two next generation encrytption algorithms does Cisco recommend? (Choose two)

A.    AES
B.    3DES
C.    DES
D.    MD5
E.    DH-1024
F.    SHA-384

Answer: AF

QUESTION 75
What three actions are limitations when running IPS in promiscous mode? (Choose three)

A.    deny attacker
B.    request block connection
C.    deny packet
D.    modify packet
E.    request block host
F.    reset TCP connection

Answer: ACD

QUESTION 76
Which two features do CoPP and CPPr use to protect the control plane? (Choose two)

A.    QoS
B.    traffic classification
C.    access lists
D.    policy maps
E.    class maps
F.    Cisco Express Forwarding

Answer: AB

QUESTION 77
What is an advantage of implementing a Trusted Platform Module for disk encryption?

A.    It provides hardware authentication
B.    It allows the hard disk to be transferred to another device without requiring re-encryption.dis
C.    it supports a more complex encryption algorithm than other disk-encryption technologies
D.    it can protect against single poins of failure

Answer: A

QUESTION 78
Refer to the exhibit. What is the effect of the given command sequence?
passleader-210-260-dumps-781

A.    It configures IKE Phase 1
B.    It configures a site-to-site VPN Tunnel
C.    It configures a crypto policy with a key size of 14400
D.    It configures IPSec Phase 2

Answer: A

QUESTION 79
A specific URL has been identified as containing malware. What action can you take to block users from accidentaly visiting the URL and becoming infected with malware?

A.    Enable URL filtering on the perimeter firewall and add the URLs you want to allow to the routers local URL list.
B.    Enable URL filtering on the perimeter router and add the URLs you want to allow to the firewalls local URL list.
C.    Create a blacklist that contains the URL you want to block and activate the blacklist on the perimeter router.
D.    Enable URL filtering on the perimeter router and add the URLs you want to block to the routers local URL list.
E.    Create a whitelist that contains the URls you want to allow and activate the whitelist on the perimeter router.

Answer: D

QUESTION 80
If you change the native VLAN on the port to an unused VLAN, what happens if an attacker attempts a double tagging attack?

A.    The trunk port would go into an error-disable state
B.    A VLAN hopping attack would be successful
C.    A VLAN hopping attack would be prevented
D.    the attacked VLAN will be pruned

Answer: C

QUESTION 81
What is an advantage of placing an IPS on the inside of a network?

A.    It can provide higher throughput.
B.    It receives traffic that has already been filtered.
C.    It receives every inbound packet.
D.    It can provide greater security.

Answer: B

QUESTION 82
Which three statements about host-based IPS are true? (Choose three.)

A.    It can view encrypted files.
B.    It can have more restrictive policies than network-based IPS.
C.    It can generate alerts based on behavior at the desktop level.
D.    It can be deployed at the perimeter.
E.    It uses signature-based policies.
F.    It works with deployed firewalls.

Answer: ABC
Explanation:
The key word here is ‘Cisco’, and Cisco’s host-based IPS, CSA, is NOT signature-based and CAN view encrypted files.

QUESTION 83
Which syslog severity level is level number 7?

A.    Warning
B.    Informational
C.    Notification
D.    Debugging

Answer: D
Explanation:
The list of severity Levels:
0 Emergency: system is unusable
1 Alert: action must be taken immediately
2 Critical: critical conditions
3 Error: error conditions
4 Warning: warning conditions
5 Notice: normal but significant condition
6 Informational: informational messages
7 Debug: debug-level messages

QUESTION 84
Which type of mirroring does SPAN technology perform?

A.    Remote mirroring over Layer 2
B.    Remote mirroring over Layer 3
C.    Local mirroring over Layer 2
D.    Local mirroring over Layer 3

Answer: C

QUESTION 85
Which tasks is the session management path responsible for? (Choose three.)

A.    Verifying IP checksums
B.    Performing route lookup
C.    Performing session lookup
D.    Allocating NAT translations
E.    Checking TCP sequence numbers
F.    Checking packets against the access list

Answer: BDF
Explanation:
http://blog.ipexpert.com/a-closer-look-at-stateful-inspection-on-the-cisco-asa/

QUESTION 86
Which network device does NTP authenticate?

A.    Only the time source
B.    Only the client device
C.    The firewall and the client device
D.    The client device and the time source

Answer: A

QUESTION 87
What hash type does Cisco use to validate the integrity of downloaded images?

A.    Sha1
B.    Sha2
C.    Md5
D.    Md1

Answer: C

QUESTION 88
Which option is the most effective placement of an IPS device within the infrastructure?

A.    Inline, behind the internet router and firewall
B.    Inline, before the internet router and firewall
C.    Promiscuously, after the Internet router and before the firewall
D.    Promiscuously, before the Internet router and the firewall

Answer: A

QUESTION 89
If a router configuration includes the line aaa authentication login default group tacacs+ enable, which events will occur when the TACACS+ server returns an error? (Choose two.)

A.    The user will be prompted to authenticate using the enable password
B.    Authentication attempts to the router will be denied
C.    Authentication will use the router`s local database
D.    Authentication attempts will be sent to the TACACS+ server

Answer: AD
Explanation:
https://www.cisco.com/c/en/us/td/docs/ios/12_2/security/command/reference/fsecur_r/srfathen.html
The following example creates an AAA authentication list called MIS-access. This authentication first tries to contact a TACACS+ server. If no server is found, TACACS+ returns an error and AAA tries to use the enable password. If this attempt also returns an error (because no enable password is configured on the server), the user is allowed access with no authentication.
aaa authentication login MIS-access group tacacs+ enable none

QUESTION 90
Which alert protocol is used with Cisco IPS Manager Express to support up to 10 sensors?

A.    SDEE
B.    Syslog
C.    SNMP
D.    CSM

Answer: A


New 210-260 exam questions from PassLeader 210-260 dumps! Welcome to download the newest PassLeader 210-260 VCE and PDF dumps: http://www.passleader.com/210-260.html (193 Q&As)

P.S. Free 210-260 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg