All About Tested 210-260 braindumps

Q1. Which two statements about stateless firewalls are true? (Choose two.) 

A. They compare the 5-tuple of each incoming packet against configurable rules. 

B. They cannot track connections. 

C. They are designed to work most efficiently with stateless protocols such as HTTP or HTTPS. 

D. Cisco IOS cannot implement them because the platform is stateful by nature. 

E. The Cisco ASA is implicitly stateless because it blocks all traffic by default. 

View Answer

Q2. What three actions are limitations when running IPS in promiscuous mode? (Choose three.) 

A. deny attacker 

B. deny packet 

C. modify packet 

D. request block connection 

E. request block host 

F. reset TCP connection 

Cisco 210-260 : Practice Test 

View Answer

Q3. According to Cisco best practices, which three protocols should the default ACL allow on an access port to enable wired BYOD devices to supply valid credentials and connect to the network? (Choose three.) 

A. BOOTP 

B. TFTP 

C. DNS 

D. MAB 

E. HTTP 

F. 802.1x 

View Answer

Q4. What is the FirePOWER impact flag used for? Cisco 210-260 : Practice Test 

A. A value that indicates the potential severity of an attack. 

B. A value that the administrator assigns to each signature. 

C. A value that sets the priority of a signature. 

D. A value that measures the application awareness. 

View Answer

Q5. Scenario 

In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN configurations. 

To access ASDM, click the ASA icon in the topology diagram. 

Note: Not all ASDM functionalities are enabled in this simulation. 

To see all the menu options available on the left navigation pane, you may also need to un-expand the expanded menu first. 

Which two statements regarding the ASA VPN configurations are correct? (Choose two) 

A. The ASA has a certificate issued by an external Certificate Authority associated to the ASDM_TrustPoint1. 

B. The DefaultWEBVPNGroup Connection Profile is using the AAA with RADIUS server method. 

C. The Inside-SRV bookmark references the https://192.168.1.2 URL 

D. Only Clientless SSL VPN access is allowed with the Sales group policy 

E. AnyConnect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface 

F. The Inside-SRV bookmark has not been applied to the Sales group policy 

View Answer

Q6. What type of algorithm uses the same key to encrypt and decrypt data? Cisco 210-260 : Practice Test 

A. a symmetric algorithm 

B. an asymmetric algorithm 

C. a Public Key Infrastructure algorithm 

D. an IP security algorithm 

View Answer

Q7. Refer to the exhibit. 

Which statement about the device time is true? 

A. The time is authoritative, but the NTP process has lost contact with its servers. 

B. The time is authoritative because the clock is in sync. 

C. The clock is out of sync. 

D. NTP is configured incorrectly. 

E. The time is not authoritative. 

View Answer

Q8. When is the best time to perform an anti-virus signature update? 

A. Every time a new update is available. 

B. When the local scanner has detected a new virus. 

C. When a new virus is discovered in the wild. 

D. When the system detects a browser hook. 

View Answer

Q9. What are two default Cisco IOS privilege levels? (Choose two.) 

A. 0 

B. 1 

C. 5 

D. 7 

E. 10 

F. 15 

View Answer

Q10. For what reason would you configure multiple security contexts on the ASA firewall? 

A. To separate different departments and business units. 

B. To enable the use of VRFs on routers that are adjacently connected. 

C. To provide redundancy and high availability within the organization. 

D. To enable the use of multicast routing and QoS through the firewall. 

View Answer