Cisco CCNA Security 210-260 Exam Preparation

The 210-260 exam demands a strong preparation to get the CCNA Security certification. DumpsSchool CCNA Security exam questions meet all your needs and provide you useful knowledge about Implementing Cisco network security to pass the 210-260 exam in the first take.

Try it Latest DumpsSchool 210-260 Exam dumps. Buy Full File here: https://www.dumpsschool.com/210-260-exam-dumps.html (502 As Dumps)

Download the DumpsSchool 210-260 braindumps from Google Drive: https://drive.google.com/file/d/1OLgDbCqeAs1x3q7eiGn25-G5lDunbsJv/view (FREE VERSION!!!)

Question No. 1

If a personal Firewall specifically blocks NTP, which type of blocking is the firewall performing?

Answer: C

Question No. 2

Where does ip dhcp snooping trust command use?

Answer: A

Question No. 3

Which label is given to a person who uses existing computer scripts to hack into computers lacking the expertise to write their own?

Answer: D

Question No. 4

Which two descriptions of TACACS+ are true? (Choose two.)

Answer: A, D

Question No. 5

How many crypto map sets can you apply to a router interface?

Answer: D

You must assign a crypto map set to an interface before that interface can provide IPSec services. Only one crypto map set can be assigned to an interface. If multiple crypto map entries have the same map-name but a different seq-num, they are considered to be part of the same set and will all be applied to the interface.

Source: http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/command

Question No. 6

Which two features are commonly used by CoPP and CPPr to protect the control plane?

Answer: A, B

For example, you can specify that management traffic, such as SSH/HTTPS/SSL and so on, can be ratelimited (policed) down to a specific level or dropped completely.

Another way to think of this is as applying quality of service (QoS) to the valid management traffic and policing to the bogus management traffic.

Source: Cisco Official Certification Guide, Table 10-3 Three Ways to Secure the Control Plane, p.269

Question No. 7

Refer to the exhibit.

A network security administrator checks the ASA firewall NAT policy table with the show nat command. Which statement is false?

Answer: A

Question No. 8

When a switch has multiple links connected to a downstream switch, what is the first step that STP takes to prevent loops?

Answer: A

First when the switches are powered on all the ports are in Blocking state (20 sec), during this time the + Root Bridge is elected by exchanging BPDUs

+ The other switches will elect their Root ports

+ Every network segment will choosee their Designated port

Source: https://learningnetwork.cisco.com/thread/7677

Question No. 9

In which two models can the Cisco Web Security Appliance be deployed? (Choose two.)

Answer: D, E

210-260 Dumps Google Drive: (Limited Version!!!)
https://drive.google.com/file/d/1OLgDbCqeAs1x3q7eiGn25-G5lDunbsJv/view

Related Certification: https://www.dumpsschool.com/ccna-security-questions.html

Cisco CCNA Security 210-260 Exam Preparation

Experienced professionals have prepared CCNA Security exam questions of DumpsSchool. These 210-260 exam questions are according to the industry standards and provide rich knowledge of Implementing Cisco network security topics. Like multiple candidates, you can succeed in the 210-260 exam by using DumpsSchool CCNA Security exam questions.

Try it Latest DumpsSchool 210-260 Exam dumps. Buy Full File here: https://www.dumpsschool.com/210-260-exam-dumps.html (502 As Dumps)

Download the DumpsSchool 210-260 braindumps from Google Drive: https://drive.google.com/file/d/1OLgDbCqeAs1x3q7eiGn25-G5lDunbsJv/view (FREE VERSION!!!)

Question No. 1

You have just deployed SNMPv3 in your environment. Your manager asks you make sure that your agents can only talk to the SNMP Manager.

What would you configure on your SNMP agnets to satisfy this request?

Answer: D

Question No. 2

Refer to the exhibit.

What is the effect of the given command?

Answer: A

A transform set is an acceptable combination of security protocols, algorithms and other settings to apply to IP Security protected traffic. During the IPSec security association negotiation, the peers agree to use a particular transform set when protecting a particular data flow.

Source: http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/command

Explanation/Reference/srfipsec.html#wp1017694 To define a transform set — an acceptable combination of security protocols and algorithms — use the crypto ipsec transform-set global configuration command.

ESP Encryption Transform

+ esp-aes 256: ESP with the 256-bit AES encryption algorithm.

ESP Authentication Transform

+ esp-md5-hmac: ESP with the MD5 (HMAC variant) authentication algorithm. (No longer recommended) Source: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr- c3.html#wp2590984165

Question No. 3

Which two statements about hardware based encryption are true? (Choose two.)

Answer: A, B

Question No. 4

Which technology could be used on top of an MPLS VPN to add confidentity.

Answer: D

Question No. 5

Which type of firewall can serve as the intermediary between a client and a server?

Answer: D

Question No. 6

Which quantifiable item should you consider when your organization adopts new technologies?

Answer: B

Question No. 7

After reloading a router, you issue the dir command to verify the installation and observe that the image file appears to be missing. For what reason could the image file fail to appear in the dir output?

Answer: A

autocommand: (Optional) Causes the specified command to be issued automatically after the user logs in.

When the command is complete, the session is terminated. Because the command can be any length and can contain embedded spaces, commands using the autocommand keyword must be the last option on the line.

So after successfully logs in the Admin user sees the running configuration and immediately after is disconnected by the router. So removing the command lets keeps him connected.

Source: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/s1/sec-s1-xe-3se-3850-cr-book/sec-s1-xe- 3se-3850-cr-book_chapter_0110.html

Question No. 8

Refer to the exhibit.

What is the effect of the given configuration?

Answer: D

Question No. 9

Which security term refers to the likelihood that a weakness will be exploited to cause damage to an asset?

Answer: C

210-260 Dumps Google Drive: (Limited Version!!!)
https://drive.google.com/file/d/1OLgDbCqeAs1x3q7eiGn25-G5lDunbsJv/view

Related Certification: https://www.dumpsschool.com/ccna-security-questions.html