New 210-260 exam questions from PassLeader 210-260 dumps! Welcome to download the newest PassLeader 210-260 VCE and PDF dumps: http://www.passleader.com/210-260.html (416 Q&As)
P.S. Free 210-260 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg
In what type of attack does an attacker virtually change a devices burned in address in an attempt to circumvent access lists and mask the device’s true identity?
A. gratuitous ARP
B. ARP poisoning
C. IP Spoofing
D. MAC Spoofing
How does a zone-based firewall implementation handle traffic between Interfaces in the same Zone?
A. traffic between interfaces in the same zone is blocked unless yoc configure the same-security permit command
B. Traffic between interfaces in the same zone is always blocked
C. Traffic between two interfaces in the same zone is allowed by default
D. Traffic between interfaces in the same zone is blocked unless you apply a service policy to the zone pair
An attacker installs a rogue switch that sends superior BPDUs on your network. What is a possible result of this activity?
A. The switch could offer fake DHCP addresses.
B. The switch could become the root bridge.
C. The switch could be allowed to join the VTP domain.
D. The switch could become a transparent bridge.
Which two next generation encrytption algorithms does Cisco recommend? (Choose two)
What three actions are limitations when running IPS in promiscous mode? (Choose three)
A. deny attacker
B. request block connection
C. deny packet
D. modify packet
E. request block host
F. reset TCP connection
Which two features do CoPP and CPPr use to protect the control plane? (Choose two)
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding
What is an advantage of implementing a Trusted Platform Module for disk encryption?
A. It provides hardware authentication
B. It allows the hard disk to be transferred to another device without requiring re-encryption.dis
C. it supports a more complex encryption algorithm than other disk-encryption technologies
D. it can protect against single poins of failure
A. It configures IKE Phase 1
B. It configures a site-to-site VPN Tunnel
C. It configures a crypto policy with a key size of 14400
D. It configures IPSec Phase 2
A specific URL has been identified as containing malware. What action can you take to block users from accidentaly visiting the URL and becoming infected with malware?
A. Enable URL filtering on the perimeter firewall and add the URLs you want to allow to the routers local URL list.
B. Enable URL filtering on the perimeter router and add the URLs you want to allow to the firewalls local URL list.
C. Create a blacklist that contains the URL you want to block and activate the blacklist on the perimeter router.
D. Enable URL filtering on the perimeter router and add the URLs you want to block to the routers local URL list.
E. Create a whitelist that contains the URls you want to allow and activate the whitelist on the perimeter router.
If you change the native VLAN on the port to an unused VLAN, what happens if an attacker attempts a double tagging attack?
A. The trunk port would go into an error-disable state
B. A VLAN hopping attack would be successful
C. A VLAN hopping attack would be prevented
D. the attacked VLAN will be pruned
What is an advantage of placing an IPS on the inside of a network?
A. It can provide higher throughput.
B. It receives traffic that has already been filtered.
C. It receives every inbound packet.
D. It can provide greater security.
Which three statements about host-based IPS are true? (Choose three.)
A. It can view encrypted files.
B. It can have more restrictive policies than network-based IPS.
C. It can generate alerts based on behavior at the desktop level.
D. It can be deployed at the perimeter.
E. It uses signature-based policies.
F. It works with deployed firewalls.
The key word here is ‘Cisco’, and Cisco’s host-based IPS, CSA, is NOT signature-based and CAN view encrypted files.
Which syslog severity level is level number 7?
The list of severity Levels:
0 Emergency: system is unusable
1 Alert: action must be taken immediately
2 Critical: critical conditions
3 Error: error conditions
4 Warning: warning conditions
5 Notice: normal but significant condition
6 Informational: informational messages
7 Debug: debug-level messages
Which type of mirroring does SPAN technology perform?
A. Remote mirroring over Layer 2
B. Remote mirroring over Layer 3
C. Local mirroring over Layer 2
D. Local mirroring over Layer 3
Which tasks is the session management path responsible for? (Choose three.)
A. Verifying IP checksums
B. Performing route lookup
C. Performing session lookup
D. Allocating NAT translations
E. Checking TCP sequence numbers
F. Checking packets against the access list
Which network device does NTP authenticate?
A. Only the time source
B. Only the client device
C. The firewall and the client device
D. The client device and the time source
What hash type does Cisco use to validate the integrity of downloaded images?
Which option is the most effective placement of an IPS device within the infrastructure?
A. Inline, behind the internet router and firewall
B. Inline, before the internet router and firewall
C. Promiscuously, after the Internet router and before the firewall
D. Promiscuously, before the Internet router and the firewall
If a router configuration includes the line aaa authentication login default group tacacs+ enable, which events will occur when the TACACS+ server returns an error? (Choose two.)
A. The user will be prompted to authenticate using the enable password
B. Authentication attempts to the router will be denied
C. Authentication will use the router`s local database
D. Authentication attempts will be sent to the TACACS+ server
The following example creates an AAA authentication list called MIS-access. This authentication first tries to contact a TACACS+ server. If no server is found, TACACS+ returns an error and AAA tries to use the enable password. If this attempt also returns an error (because no enable password is configured on the server), the user is allowed access with no authentication.
aaa authentication login MIS-access group tacacs+ enable none
Which alert protocol is used with Cisco IPS Manager Express to support up to 10 sensors?