210-260 Exam Details
-
Exam Code
:210-260 -
Exam Name
:Implementing Cisco Network Security -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:527 Q&As -
Last Updated
:Dec 12, 2021
Cisco 210-260 Online Questions & Answers
-
Question 161:
Which Statement about personal firewalls is true?
A. They are resilient against kernal attacks
B. They can protect email messages and private documents in a similar way to a VPN
C. They can protect the network against attacks
D. They can protect a system by denying probing requests -
Question 162:
Which type of encryption technology has the broadcast platform support?
A. Middleware
B. Hardware
C. Software
D. File-level -
Question 163:
A specific URL has been identified as containing malware. What action can you take to block users from accidentaly visiting the URL and becoming infected with malware?
A. Enable URL filtering on the perimeter firewall and add the URLs you want to allow to the routers local URL list
B. Enable URL filtering on the perimeter router and add the URLs you want to allow to the firewalls local URL list
C. Create a blacklist that contains the URL you want to block and activate the blacklist on the perimeter router.
D. Enable URL filtering on the perimeter router and add the URLs you want to block to the routers local URL list
E. Create a whitelist that contains the URls you want to allow and activate the whitelist on the perimeter router. -
Question 164:
In which three cases does the ASA firewall permit inbound HTTP GET requests during normal operations? (Choose three)
A. When matching ACL entries are configured
B. when matching NAT entries are configured
C. When the firewall requires strict HTTP inspection
D. When the firewall requires HTTP inspection
E. When the firewall receives a SYN-ACK packet
F. When the firewall receives a SYN packet -
Question 165:
How does PEAP protect EAP exchange?
A. it encrypts the exchange using the client certificate.
B. it validates the server-supplied certificate and then encrypts the exchange using the client certificate
C. it encrypts the exchange using the server certificate
D. it validates the client-supplied certificate and then encrypts the exchange using the server certificate. -
Question 166:
The Oakley cryptography protocol is compatible with following for managing security?
A. IPSec
B. ISAKMP
C. Port security -
Question 167:
Refer to the exhibit. While troubleshooting site-to-site VPN, you issued the show crypto ipsec sa command. What does the given output show?
A. ISAKMP security associations are established between 10.1.1.5 and 10.1.1.1
B. IPSec Phase 2 is established between 10.1.1.1 and 10.1.1.5
C. IKE version 2 security associations are established between 10.1.1.1 and 10.1.1.5
D. IPSec Phase 2 is down due to a mismatch between encrypted and decrypted packets -
Question 168:
Which statements about reflexive access lists are true?
A. Reflexive access lists create a permanent ACE
B. Reflexive access lists approximate session filtering using the established keyword
C. Reflexive access lists can be attached to standard named IP ACLs
D. Reflexive access lists support UDP sessions
E. Reflexive access lists can be attached to extended named IP ACLs
F. Reflexive access lists support TCP sessions -
Question 169:
Which command enables authentication at the OSPFv2 routing process level?
A. area 0 authentication message-digest
B. area 0 authentication ipsec spi 500 md5 1 234567890ABCDEF1234567890ABCDEF
C. ip ospf authentication message-digest
D. ip ospf message-digest-key 1 md5 C1sc0! -
Question 170:
SSL certificates are issued by Certificate Authority(CA) are?
A. Trusted root
B. Not trusted
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 210-260 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.