Cisco 210-260 Online Practice
Questions and Exam Preparation
210-260 Exam Details
Exam Code
:210-260
Exam Name
:Implementing Cisco Network Security
Certification
:Cisco Certifications
Vendor
:Cisco
Total Questions
:527 Q&As
Last Updated
:Dec 12, 2021
Cisco 210-260 Online Questions &
Answers
Question 481:
Which statement is a benefit of using Cisco IOS IPS?
A. It uses the underlying routing infrastructure to provide an additional layer of security. B. It works in passive mode so as not to impact traffic flow. C. It supports the complete signature database as a Cisco IPS sensor appliance. D. The signature database is tied closely with the Cisco IOS image.
A. It uses the underlying routing infrastructure to provide an additional layer of security.
Question 482:
Which attack can be prevented by OSPF authentication?
A. smurf attack B. IP spoofing attack C. Denial of service attack D. buffer overflow attack
B. IP spoofing attack
Question 483:
A Cisco ASA appliance has three interfaces configured. The first interface is the inside interface with a security level of 100. The second interface is the DMZ interface with a security level of 50. The third interface is the outside interface with a
security level of 0.
By default, without any access list configured, which five types of traffic are permitted? (Choose five.)
A. outbound traffic initiated from the inside to the DMZ B. outbound traffic initiated from the DMZ to the outside C. outbound traffic initiated from the inside to the outside D. inbound traffic initiated from the outside to the DMZ E. inbound traffic initiated from the outside to the inside F. inbound traffic initiated from the DMZ to the inside G. HTTP return traffic originating from the inside network and returning via the outside interface H. HTTP return traffic originating from the inside network and returning via the DMZ interface I. HTTP return traffic originating from the DMZ network and returning via the inside interface J. HTTP return traffic originating from the outside network and returning via the inside interface
A. outbound traffic initiated from the inside to the DMZ B. outbound traffic initiated from the DMZ to the outside C. outbound traffic initiated from the inside to the outside G. HTTP return traffic originating from the inside network and returning via the outside interface H. HTTP return traffic originating from the inside network and returning via the DMZ interface
Question 484:
What is the main purpose of Control Plane Policing?
A. to prevent exhaustion of route-processor resources B. to organize the egress packet queues C. to define traffic classes D. to maintain the policy map
A. to prevent exhaustion of route-processor resources
Question 485:
What command can you use to verify the binding table status?
A. show ip dhcp snooping statistics B. show ip dhcp snooping database C. show ip dhcp snooping binding D. show ip dhcp pool E. show ip dhcp snooping F. show ip dhcp source binding
B. show ip dhcp snooping database
Question 486:
You have been tasked with blocking user access to website that violate company policy, but the site use dynamic IP Addresses. What is the best practice URL filtering to solve the problem?
A. Enable URL filtering and create a blacklist to block the websites that violate company policy. B. Enable URL filtering and create a whitelist to allow only the websites the company policy allow users to access. C. Enable URL filtering and use URL categorization to allow only the websites the company policy allow users to access D. Enable URL filtering and create a whitelist to block the websites that violate company policy. E. Enable URL filtering and use URL categorization to block the websites that violate company policy.
E. Enable URL filtering and use URL categorization to block the websites that violate company policy.
Question 487:
Which two statements about hardware-based encryption are true? (Choose two.)
A. It is potentially easier to compromise than software-based encryption B. It requires minimal configuration C. It can be implemented without impacting performance. D. It is widely accessible E. It is highly cost-effective
C. It can be implemented without impacting performance. E. It is highly cost-effective
Question 488:
Which type of attack can exploit design flaws in the implementation of an application without going noticed?
A. Volume-based DDoS attacks. B. application DDoS flood attacks. C. DHCP starvation attacks D. low-rate DoS attacks
D. low-rate DoS attacks
Question 489:
Which statement about application blocking is true?
A. Block access to specific program. B. Block access to specific network addresses. C. Block access to specific network services D. Block access to files with specific extensions.
A. Block access to specific program.
Question 490:
Which FirePOWER preprocessor engine is used to prevent SYN attacks?
A. Rate-Based Prevention B. Portscan Detection C. IP Defragmentation D. Inline Normalization
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Cisco exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your 210-260 exam preparations
and Cisco certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.