210-260 PDF Study Syllabus For Download

These questions have been used by multiple candidates for success and you can also pass the 210-260 exam by using them.

Try it Latest DumpsSchool 210-260 Exam dumps. Buy Full File here: https://www.dumpsschool.com/210-260-exam-dumps.html (502 As Dumps)

Download the DumpsSchool 210-260 braindumps from Google Drive: https://drive.google.com/file/d/1OLgDbCqeAs1x3q7eiGn25-G5lDunbsJv/view (FREE VERSION!!!)

Question No. 1

Which IOS command do you enter to test authentication against a AAA server?

Answer: D

Question No. 2

Which option is the default value for the Diffie–Hellman group when configuring a site-to-site VPN on an ASA device?

Answer: B

Question No. 3

What three actions are limitations when running IPS in promiscuous mode? (Choose three.)

Answer: A, B, C

In promiscuous mode, packets do not flow through the sensor. The disadvantage of operating in promiscuous mode, however, is the sensor cannot stop malicious traffic from reaching its intended target for certain types of attacks, such as atomic attacks (single-packet attacks). The response actions implemented by promiscuous sensor devices are post-event responses and often require assistance from other networking devices, for example, routers and firewalls, to respond to an attack.

Source: http://www.cisco.com/c/en/us/td/docs/security/ips/7-0/configuration/guide/cli/cliguide7/ cli_interfaces.html

Question No. 4

Which two options are Private-VLAN secondary VLAN types?

Answer: A, C

Question No. 5

Which statement about college campus is true?

Answer: A

Question No. 6

Which source port does IKE use when NAT has been detected between two VPN gateways?

Answer: C

The IKE protocol uses UDP packets, usually on port 500

NAT traversal: The encapsulation of IKE and ESP in UDP port 4500 enables these protocols to pass through a device or firewall performing NAT

Source: https://en.wikipedia.org/wiki/Internet_Key_Exchange

Question No. 7

Which ports must be open between a AAA server and a Microsoft server to permit active directory authentication?

Answer: A

Question No. 8

What is true about the Cisco IOS Resilient Configuration feature?

Answer: C

The following factors were considered in the design of Cisco IOS Resilient Configuration:

+ The configuration file in the primary bootset is a copy of the running configuration that was in the router when the feature was first enabled.

+ The feature secures the smallest working set of files to preserve persistent storage space. No extra space is required to secure the primary Cisco IOS image file.

+ The feature automatically detects image or configuration version mismatch .

+ Only local storage is used for securing files, eliminating scalability maintenance challenges from storing multiple images and configurations on TFTP servers.

+ The feature can be disabled only through a console session Source: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_cfg/configuration/15-mt/sec-usr-cfg-15-mt- book/sec-resil-config.html

210-260 Dumps Google Drive: (Limited Version!!!)

Related Certification: https://www.dumpsschool.com/ccna-security-questions.html

Facebook Comments