Cisco 210-260 Questions Answers For Better Preparation

By | December 9, 2019

The CCNA security certification needs 210-260 exam. DumpsSchool makes sure success in the real exam with updated CCNA Security exam questions.

Try it Latest DumpsSchool 210-260 Exam dumps. Buy Full File here: https://www.dumpsschool.com/210-260-exam-dumps.html (502 As Dumps)

Download the DumpsSchool 210-260 braindumps from Google Drive: https://drive.google.com/file/d/1OLgDbCqeAs1x3q7eiGn25-G5lDunbsJv/view (FREE VERSION!!!)

Question No. 1

Which actions can a promiscuous IPS take to mitigate an attack? (Choose three.)

Answer: B, D, E

Promiscuous Mode Event Actions

+ Request block host: This event action will send an ARC request to block the host for a specified time frame, preventing any further communication. This is a severe action that is most appropriate when there is minimal chance of a false alarm or spoofing.

+ Request block connection: This action will send an ARC response to block the specific connection. This action is appropriate when there is potential for false alarms or spoofing. + Reset TCP connection: This action is TCP specific, and in instances where the attack requires several TCP packets, this can be a successful action.

Source: http://www.cisco.com/c/en/us/about/security-center/ips-mitigation.html#7

Question No. 2

What is the Cisco preferred countermeasure to mitigate CAM overflows?

Answer: B

Question No. 3

Which protocols use encryption to protect the confidentiality of data transmitted between two parties? (Choose two.)

Answer: B, E

+ Secure Shell (SSH) provides the same functionality as Telnet, in that it gives you a CLI to a router or switch; unlike Telnet, however, SSH encrypts all the packets that are used in the session.

+ For graphical user interface (GUI) management tools such as CCP, use HTTPS rather than HTTP because, like SSH, it encrypts the session, which provides confidentiality for the packets in that session.

Source: Cisco Official Certification Guide, Encrypted Management Protocols, p.287

Question No. 4

Refer to the exhibit.

A network security administrator checks the ASA firewall NAT policy table with the show nat command. Which statement is false?

Answer: A

Question No. 5

Which statement correctly describes the function of a private VLAN?

Answer: A

Private VLAN divides a VLAN (Primary) into sub-VLANs (Secondary) while keeping existing IP subnet and layer 3 configuration. A regular VLAN is a single broadcast domain, while private VLAN partitions one broadcast domain into multiple smaller broadcast subdomains.

Source: https://en.wikipedia.org/wiki/Private_VLAN

Question No. 6

A proxy firewall protects against which type of attack?

Answer: A

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. Cross-site scripting carried out on websites accounted for roughly 84% of all security vulnerabilities documented by Symantec as of 2007.

Source: https://en.wikipedia.org/wiki/Cross-site_scripting

A proxy firewall is a network security system that protects network resources by filtering messages at the application layer. A proxy firewall may also be called an application firewall or gateway firewall. Proxy firewalls are considered to be the most secure type of firewall because they prevent direct network contact with other systems.

Source: http://searchsecurity.techtarget.com/definition/proxy-firewall

Question No. 7

SIMULATION

Scenario

Given the new additional connectivity requirements and the topology diagram, use ASDM to accomplish the required ASA configurations to meet the requirements.

New additional connectivity requirements:

Once the correct ASA configurations have been configured:

To access ASDM, click the ASA icon in the topology diagram.

To access the Firefox Browser on the Outside PC, click the Outside PC icon in the topology diagram.

To access the Command prompt on the Inside PC, click the Inside PC icon in the topology diagram.

Note:

After you make the configuration changes in ASDM, remember to click Apply to apply the configuration changes.

Not all ASDM screens are enabled in this simulation, if some screen is not enabled, try to use different methods to configure the ASA to meet the requirements.

In this simulation, some of the ASDM screens may not look and function exactly like the real ASDM.

Answer: A

Question No. 8

Which command do you enter to configure your firewall to conceal internal addresses?

Answer: E

210-260 Dumps Google Drive: (Limited Version!!!)
https://drive.google.com/file/d/1OLgDbCqeAs1x3q7eiGn25-G5lDunbsJv/view

Related Certification: https://www.dumpsschool.com/ccna-security-questions.html