210-260 Exam Details

  • Exam Code
    :210-260
  • Exam Name
    :Implementing Cisco Network Security
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :527 Q&As
  • Last Updated
    :Dec 12, 2021

Cisco 210-260 Online Questions & Answers

  • Question 481:

    Which statement is a benefit of using Cisco IOS IPS?

    A. It uses the underlying routing infrastructure to provide an additional layer of security.
    B. It works in passive mode so as not to impact traffic flow.
    C. It supports the complete signature database as a Cisco IPS sensor appliance.
    D. The signature database is tied closely with the Cisco IOS image.

  • Question 482:

    Which attack can be prevented by OSPF authentication?

    A. smurf attack
    B. IP spoofing attack
    C. Denial of service attack
    D. buffer overflow attack

  • Question 483:

    A Cisco ASA appliance has three interfaces configured. The first interface is the inside interface with a security level of 100. The second interface is the DMZ interface with a security level of 50. The third interface is the outside interface with a

    security level of 0.

    By default, without any access list configured, which five types of traffic are permitted? (Choose five.)

    A. outbound traffic initiated from the inside to the DMZ
    B. outbound traffic initiated from the DMZ to the outside
    C. outbound traffic initiated from the inside to the outside
    D. inbound traffic initiated from the outside to the DMZ
    E. inbound traffic initiated from the outside to the inside
    F. inbound traffic initiated from the DMZ to the inside
    G. HTTP return traffic originating from the inside network and returning via the outside interface
    H. HTTP return traffic originating from the inside network and returning via the DMZ interface
    I. HTTP return traffic originating from the DMZ network and returning via the inside interface
    J. HTTP return traffic originating from the outside network and returning via the inside interface

  • Question 484:

    What is the main purpose of Control Plane Policing?

    A. to prevent exhaustion of route-processor resources
    B. to organize the egress packet queues
    C. to define traffic classes
    D. to maintain the policy map

  • Question 485:

    What command can you use to verify the binding table status?

    A. show ip dhcp snooping statistics
    B. show ip dhcp snooping database
    C. show ip dhcp snooping binding
    D. show ip dhcp pool
    E. show ip dhcp snooping
    F. show ip dhcp source binding

  • Question 486:

    You have been tasked with blocking user access to website that violate company policy, but the site use dynamic IP Addresses. What is the best practice URL filtering to solve the problem?

    A. Enable URL filtering and create a blacklist to block the websites that violate company policy.
    B. Enable URL filtering and create a whitelist to allow only the websites the company policy allow users to access.
    C. Enable URL filtering and use URL categorization to allow only the websites the company policy allow users to access
    D. Enable URL filtering and create a whitelist to block the websites that violate company policy.
    E. Enable URL filtering and use URL categorization to block the websites that violate company policy.

  • Question 487:

    Which two statements about hardware-based encryption are true? (Choose two.)

    A. It is potentially easier to compromise than software-based encryption
    B. It requires minimal configuration
    C. It can be implemented without impacting performance.
    D. It is widely accessible
    E. It is highly cost-effective

  • Question 488:

    Which type of attack can exploit design flaws in the implementation of an application without going noticed?

    A. Volume-based DDoS attacks.
    B. application DDoS flood attacks.
    C. DHCP starvation attacks
    D. low-rate DoS attacks

  • Question 489:

    Which statement about application blocking is true?

    A. Block access to specific program.
    B. Block access to specific network addresses.
    C. Block access to specific network services
    D. Block access to files with specific extensions.

  • Question 490:

    Which FirePOWER preprocessor engine is used to prevent SYN attacks?

    A. Rate-Based Prevention
    B. Portscan Detection
    C. IP Defragmentation
    D. Inline Normalization

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 210-260 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.