Cisco 210-260 Online Practice Questions and Exam Preparation

Cisco 210-260 Online Questions & Answers

• Question 351:

  How can firepower block malicious email attachments?

  A. It forwards email requests to an external signature engine
  B. It sends the traffic through a file policy
  C. It scans inbound email messages for known bad URLs
  D. It sends an alert to the administrator to verify suspicious email messages
  B. It sends the traffic through a file policy

• Question 352:

  What is the primary purpose of a defined rule in an IPS?

  A. to configure an event action that takes place when a signature is triggered
  B. to define a set of actions that occur when a specific user logs in to the system
  C. to configure an event action that is pre-defined by the system administrator
  D. to detect internal attacks
  A. to configure an event action that takes place when a signature is triggered

• Question 353:

  What features can protect the data plane? (Choose three.)

  A. policing
  B. ACLs
  C. IPS
  D. antispoofing
  E. QoS
  F. DHCP-snooping
  B. ACLs
  D. antispoofing
  F. DHCP-snooping

• Question 354:

  How to verify that TACACS+ connectivity to a device?

  A. You successfully log in to the device by using the local credentials.
  B. You connect to the device using SSH and receive the login prompt.
  C. You successfully log in to the device by using ACS credentials.
  D. You connect via console port and receive the login prompt.
  B. You connect to the device using SSH and receive the login prompt.

• Question 355:

  How can you prevent NAT rules from sending traffic to incorrect interfaces?

  A. Configure twice NAT instead of object NAT
  B. Add the no-proxy-arp command to the nat line
  C. Assign the output interface in the NAT statement
  D. Use packet-tracer rules to reroute misrouted NAT entries
  D. Use packet-tracer rules to reroute misrouted NAT entries

• Question 356:

  What is the effect of the given command sequence?

  

  A. It defines IPSec policy for traffic sourced from 10.10.10.0/24 with a desstination of 10.100.100.0/24
  B. It defines IPSec policy for traffic sourced from 10.100.100.0/24 with a destination of 10.10.10.0/24
  C. it defines IKE policy for traffic sourced from 10.10.10.0/24 with a destination of 10.100.100.0/24
  D. It defines IKE policy for traffic sourced from 10.100.100.0/24 with a destination of 10.10.10.0/24
  A. It defines IPSec policy for traffic sourced from 10.10.10.0/24 with a desstination of 10.100.100.0/24

• Question 357:

  What are the three layers of a hierarchical network design? (Choose three.)

  A. core
  B. access
  C. server
  D. user
  E. internet
  F. distribution
  A. core
  B. access
  F. distribution

• Question 358:

  With Cisco IOS zone-based policy firewall, by default, which three types of traffic are permitted by the router when some of the router interfaces are assigned to a zone? (Choose three.)

  A. traffic flowing between a zone member interface and any interface that is not a zone member
  B. traffic flowing to and from the router interfaces (the self zone)
  C. traffic flowing among the interfaces that are members of the same zone
  D. traffic flowing among the interfaces that are not assigned to any zone
  E. traffic flowing between a zone member interface and another interface that belongs in a different zone
  F. traffic flowing to the zone member interface that is returned traffic
  B. traffic flowing to and from the router interfaces (the self zone)
  C. traffic flowing among the interfaces that are members of the same zone
  D. traffic flowing among the interfaces that are not assigned to any zone

• Question 359:

  What mechanism does asymmetric cryptography use to secure data?

  A. an RSA nonce
  B. a public/private key pair.
  C. an MD5 hash.
  D. shared secret keys.
  B. a public/private key pair.

• Question 360:

  Which internet Multihoming solution is a resistant to a failure of any single component?

  

  A. Option A
  B. Option B
  C. Option C
  D. Option D
  A. Option A