Cisco 210-260 Online Practice Questions and Exam Preparation

Cisco 210-260 Online Questions & Answers

• Question 211:

  Which two attack types can be prevented with the implementation of a Cisco IPS solution? (Choose two)

  A. ARP spoofing
  B. DDoS
  C. VLAN hopping
  D. man-in-the-middle
  E. worms
  D. man-in-the-middle
  E. worms

• Question 212:

  Refer to the exhibit. Using a stateful packet firewall and given an inside ACL entry of permit ip 192.16.1.0 0.0.0.255 any, what would be the resulting dynamically configured ACL for the return traffic on the outside ACL?

  

  A. permit tcp host 172.16.16.10 eq 80 host 192.168.1.11 eq 2300
  B. permit ip 172.16.16.10 eq 80 192.168.1.0 0.0.0.255 eq 2300
  C. permit tcp any eq 80 host 192.168.1.11 eq 2300
  D. permit ip host 172.16.16.10 eq 80 host 192.168.1.0 0.0.0.255 eq 2300
  A. permit tcp host 172.16.16.10 eq 80 host 192.168.1.11 eq 2300

• Question 213:

  Which command can you enter to verify the status of Cisco IOS Resilient Configuration on a Cisco router?

  A. show binary file
  B. secure boot-config
  C. secure boot-image
  D. show secure bootset
  D. show secure bootset

• Question 214:

  Which statement about traffic inspection using the Cisco Modular Policy Framework on the ASA is true?

  A. HTTP inspection is supported with Cloud Web Security inspection
  B. QoS policing and QoS pnonty queuing can be configured for the same traffic
  C. ASA with FirePOWER supports HTTP inspection
  D. Traffic can be sent to multiple modules for inspection
  A. HTTP inspection is supported with Cloud Web Security inspection

• Question 215:

  Zone based firewall:

  A. enable zones first / zones must be made before applying interfaces.
  B. enable zones first
  A. enable zones first / zones must be made before applying interfaces.

• Question 216:

  Which statement about the native VLAN is true?

  A. It is susceptible to VLAN hopping attacks.
  B. It is most secure when it is assigned to VLAN 1.
  C. It is the Cisco recommended VLAN for switch-management traffic.
  D. It is the Cisco-recommended VLAN for user traffic.
  A. It is susceptible to VLAN hopping attacks.

• Question 217:

  What IPSec mode is used to encrypt traffic between client and server vpn endpoints?

  A. tunnel
  B. Trunk
  C. Aggregated
  D. Quick
  E. Transport
  E. Transport

• Question 218:

  How will the traffic be affected if policy from the self zone is removed ?

  A. all traffic will be inspected.
  B. traffic will not be inspected.
  C. traffic will be passed with logging action.
  B. traffic will not be inspected.

• Question 219:

  Which Sourcefire event action should you choose if you want to block only malicious traffic from a particular end user?

  A. Allow with inspection
  B. Allow without inspection
  C. Block
  D. Trust
  E. Monitor
  A. Allow with inspection

• Question 220:

  Scenario

  In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the four multiple choice questions about the ASA SSLVPN configurations.

  To access ASDM, click the ASA icon in the topology diagram.

  Note: Not all ASDM functionalities are enabled in this simulation.

  To see all the menu options available on the left navigation pane, you may also need to un-expand the expanded menu first.

  

  

  

  

  

  

  

  

  

  

  

  

  

  

  

  

  Which user authentication method is used when users login to the Clientless SSLVPN portal using https://209.165.201.2/test?

  A. AAA with LOCAL database
  B. AAA with RADIUS server
  C. Certificate
  D. Both Certificate and AAA with LOCAL database
  E. Both Certificate and AAA with RADIUS server
  A. AAA with LOCAL database

  ---

  This can be seen from the Connection Profiles Tab of the Remote Access VPN configuration, where the alias of test is being used,