1. Home
  2. Cisco
  3. 210-260

Cisco 210-260 Online Practice Questions and Exam Preparation

210-260 Exam Details

  • Exam Code
    :210-260
  • Exam Name
    :Implementing Cisco Network Security
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :527 Q&As
  • Last Updated
    :Dec 12, 2021

Cisco 210-260 Online Questions & Answers

  • Question 421:

    Which two features are commonly used CoPP and CPPr to protect the control plane? (Choose two.)

    A. QoS
    B. traffic classification
    C. access lists
    D. policy maps
    E. class maps
    F. Cisco Express Forwarding

  • Question 422:

    Scenario

    In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the four multiple choice questions about the ASA SSLVPN configurations.

    To access ASDM, click the ASA icon in the topology diagram.

    Note: Not all ASDM functionalities are enabled in this simulation.

    To see all the menu options available on the left navigation pane, you may also need to un-expand the expanded menu first.

    When users login to the Clientless SSLVPN using https://209.165.201.2/test, which group policy will be applied?

    A. test
    B. clientless
    C. Sales
    D. DfltGrpPolicy
    E. DefaultRAGroup
    F. DefaultWEBVPNGroup

  • Question 423:

    Which firewall configuration must you perform to allow traffic to flow in both directions between two zones?

    A. You can configure a single zone pair that allows bidirectional traffic flows from for any zone except the self-zone
    B. You must configure two zone pairs, one for each direction
    C. You can configure a single zone pair that allows bidirectional traffic flows for any zone
    D. You can configure a single zone pair that allows bidirectional traffic flows only if the source zone is the less secure zone.

  • Question 424:

    Which protocol offers data integrity, encryption, authentication, and antireplay functions for IPsec VPN?

    A. AH protocol
    B. ESP protocol
    C. IKEv2 protocol
    D. IKEv1 protocol

  • Question 425:

    Which three ways does the RADIUS protocol differ from TACACS?? (Choose three)

    A. RADIUS authenticates and authorizes simultaneously. Causing fewer packets to be transmitted
    B. RADIUS encrypts only the password field in an authentication packets
    C. RADIUS can encrypt the entire packet that is sent to the NAS
    D. RADIUS uses UDP to communicate with the NAS
    E. RADIUS uses TCP to communicate with the NAS
    F. RADIUS support per-command authentication

  • Question 426:

    Regarding PVLAN diagram question:

    Switch was in VLAN 300

    Isolated Host 1 on VLAN 301

    Host 2 and Host 4 on VLAN 303 or something (Community PVLAN)

    Server is connected to Switch.

    All host connects to switch.

    A. Host 2 (Host is part of community PVLAN).
    B. Other devices on VLAN XXX (VLAN were isolated host is connected, in my case it was Host 1).
    C. Server
    D. Host 4 (Host is part of community PVLAN)

  • Question 427:

    Which security term refers to the likelihood that a weakness will be exploited to cause damage to an asset?

    A. threat
    B. vulnerability
    C. risk
    D. countermeasure

  • Question 428:

    What is the best definition of hairpinning?

    A. ingress traffic that traverses the outbound interface on a device
    B. traffic that enters and exits a device through the same interface
    C. traffic that enters one interface on a device and that exits through another interface
    D. traffic that tunnels through a device interface

  • Question 429:

    Which of the following statements about access lists are true? (Choose three.)

    A. Extended access lists should be placed as near as possible to the destination
    B. Extended access lists should be placed as near as possible to the source
    C. Standard access lists should be placed as near as possible to the destination
    D. Standard access lists should be placed as near as possible to the source
    E. Standard access lists filter on the source address
    F. Standard access lists filter on the destination address

  • Question 430:

    Which type of malicious software can create a back-door into a device or network?

    A. worm
    B. Trojan
    C. virus
    D. bot

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 210-260 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.