210-260 Practice Questions
99 real 210-260 exam questions with expert-verified answers and explanations. Page 1 of 2.
- Question #1
Which statement about communication over failover interfaces is true?
- Question #2
Which three ESP fields can be encrypted during transmission? (Choose three)
- Question #3
According to Cisco best practices, which three protocols should the default ACL allow an access port to enable wired BYOD devices to supply valid credentials and connect to the net...
- Question #4
Refer to the exhibit. If a supplicant supplies incorrect credentials for all authentication methods configured on the switch, how will the switch respond?
- Question #5
Which SOURCEFIRE logging action should you choose to record the most detail about a connection.
- Question #6
What type of algorithm uses the same key to encryp and decrypt data?
- Question #7
If a packet matches more than one class map in an individual feature type's policy map, how does the ASA handle the packet?
- Question #8
You have implemented a Sourcefire IPS and configured it to block certain addresses utilizing Security Intelligence IP address Reputation. A user calls and is not able to access a c...
- Question #9
Which EAP method uses protected Access Credentials?
- Question #10
In which two situations should you use out-of-band management? (Choose two)
- Question #11
What features can protect the data plane? (Choose three.)
- Question #12
How many crypto map sets can you apply to a router interface?
- Question #13
What is the transition order of STP states on a Layer 2 switch interface?
- Question #14
Which sensor mode can deny attackers inline?
- Question #15
Which options are filtering options used to display SDEE message types?
- Question #16
When a company puts a security policy in place, what is the effect on the company's business?
- Question #17
Which wildcard mask is associated with a subnet mask of /27?
- Question #18
Which statements about reflexive access lists are true?
- Question #19
Which actions can a promiscuous IPS take to mitigate an attack?
- Question #20
Which Cisco Security Manager application collects information about device status and uses it to generate notifications and alerts?
- Question #21
Which command is needed to enable SSH support on a Cisco Router?
- Question #22
In which three ways does the TACACS protocol differ from RADIUS? (Choose three)
- Question #23
Scenario In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN conf...
- Question #24
Scenario In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN conf...
- Question #25
Scenario In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN conf...
- Question #26
Scenario In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN conf...
- Question #28
What is the purpose of the Integrity component of the CIA triad?
- Question #29
Which two statements about Telnet access to the ASA are true? (Choose two).
- Question #30
Which protocol provides security to Secure Copy?
- Question #31
A clientless SSL VPN user who is connecting on a Windows Vista computer is missing the menu option for Remote Desktop Protocol on the portal web page. Which action should you take...
- Question #32
Which security zone is automatically defined by the system?
- Question #33
What are purposes of the Internet Key Exchange in an IPsec VPN? (Choose two.)
- Question #34
Which address block is reserved for locally assigned unique local addresses?
- Question #35
What is a possible reason for the error message? Router(config)#aaa server?% Unrecognized command
- Question #36
Which statements about smart tunnels on a Cisco firewall are true? (Choose two.)
- Question #37
Which option describes information that must be considered when you apply an access list to a physical interface?
- Question #38
Which source port does IKE use when NAT has been detected between two VPN gateways?
- Question #39
Which of the following are features of IPsec transport mode? (Choose three.)
- Question #40
Which command causes a Layer 2 switch interface to operate as a Layer 3 interface?
- Question #41
Which command verifies phase 1 of an IPsec VPN on a Cisco router?
- Question #42
What is the purpose of a honeypot IPS?
- Question #43
Which type of firewall can act on the behalf of the end device?
- Question #44
Refer to the exhibit. While troubleshooting site-to-site VPN, you issued the show crypto isakmp as command. What does the given output show?
- Question #45
What type of attack was the Stuxnet virus?
- Question #46
Which type of secure connectivity does an extranet provide?
- Question #47
After reloading a router, you issue the dir command to verify the installation and observe that the image file appears to be missing. For what reason could the image file fail to a...
- Question #48
What is a reason for an organization to deploy a personal firewall?
- Question #49
Which FirePOWER preprocessor engine is used to prevent SYN attacks?
- Question #50
What VPN feature allows traffic to exit the security appliance through the same interface it entered?
- Question #51
When an IPS detects an attack, which action can the IPS take to prevent the attack from spreading?