10 Tips For Abreast of the times 210-260 exam question

New Questions 7

Which tasks is the session management path responsible for? (Choose three.)

A. Verifying IP checksums

B. Performing route lookup

C. Performing session lookup

D. Allocating NAT translations

E. Checking TCP sequence numbers

F. Checking packets against the access list

View Answer

New Questions 8

Which feature allows a dynamic PAT pool to select the next address in the PAT pool instead of the next port of an existing address?

A. next IP

B. round robin

C. dynamic rotation

D. NAT address rotation

View Answer

New Questions 9

Which wildcard mask is associated with a subnet mask of /27?

A. 0.0.0.31

B. 0.0.027

C. 0.0.0.224

D. 0.0.0.255

View Answer

New Questions 10

When an IPS detects an attack, which action can the IPS take to prevent the attack from spreading?

A. Deny the connection inline.

B. Perform a Layer 6 reset.

C. Deploy an antimalware system.

D. Enable bypass mode.

View Answer

New Questions 11

Scenario

In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN configurations.

To access ASDM, click the ASA icon in the topology diagram. Note: Not all ASDM functionalities are enabled in this simulation.

To see all the menu options available on the left navigation pane, you may also need to un- expand the expanded menu first.

Which two statements regarding the ASA VPN configurations are correct? (Choose two)

A. The ASA has a certificate issued by an external Certificate Authority associated to the ASDM_TrustPoint1.

B. The DefaultWEBVPNGroup Connection Profile is using the AAA with RADIUS server method.

C. The Inside-SRV bookmark references thehttps://192.168.1.2URL

D. Only Clientless SSL VPN access is allowed with the Sales group policy

E. AnyConnect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside

interface

F. The Inside-SRV bookmark has not been applied to the Sales group policy

View Answer

New Questions 12

Refer to the exhibit.

Which line in this configuration prevents the HelpDesk user from modifying the interface configuration?

A. Privilege exec level 9 configure terminal

B. Privilege exec level 10 interface

C. Username HelpDesk privilege 6 password help

D. Privilege exec level 7 show start-up

View Answer

New Questions 13

How to verify that TACACS+ connectivity to a device?

A. You successfully log in to the device by using the local credentials.

B. You connect to the device using SSH and receive the login prompt.

C. You successfully log in to the device by using ACS credentials.

D. You connect via console port and receive the login prompt.

View Answer

New Questions 14

If you change the native VLAN on the trunk port to an unused VLAN, what happens if an attacker attempts a double-tagging attack?

A. The trunk port would go into an error-disabled state.

B. A VLAN hopping attack would be successful.

C. A VLAN hopping attack would be prevented.

D. The attacked VLAN will be pruned.

View Answer

New Questions 15

By default, how does a zone-based firewall handle traffic to and from the self zone?

A. It permits all traffic without inspection.

B. It inspects all traffic to determine how it is handled.

C. it permits all traffic after inspection

D. it drops all traffic.

View Answer

New Questions 16

What is the Cisco preferred countermeasure to mitigate CAM overflows?

A. Port security

B. Dynamic port security

C. IP source guard

D. Root guard

View Answer