Ucertify ccna security 210 260 official cert guide pdf download Questions are updated and all 210 260 dumps answers are verified by experts. Once you have completely prepared with our 210 260 iins exam prep kits you will be ready for the real ccna security 210 260 official cert guide pdf free download exam without a problem. We have Leading Cisco ccna security 210 260 dumps study guide. PASSED ccna security pdf 210 260 First attempt! Here What I Did.
Q1. What type of algorithm uses the same key to encrypt and decrypt data? Cisco 210-260 : Practice Test
A. a symmetric algorithm
B. an asymmetric algorithm
C. a Public Key Infrastructure algorithm
D. an IP security algorithm
Answer: A
Q2. What is the effect of the send-lifetime local 23:59:00 31 December 31 2013 infinite command?
A. It configures the device to begin transmitting the authentication key to other devices at 00:00:00 local time on January 1, 2014 and continue using the key indefinitely.
B. It configures the device to begin transmitting the authentication key to other devices at 23:59:00 local time on December 31, 2013 and continue using the key indefinitely.
C. It configures the device to begin accepting the authentication key from other devices immediately and stop accepting the key at 23:59:00 local time on December 31, 2013.
D. It configures the device to generate a new authentication key and transmit it to other devices at 23:59:00 local time on December 31, 2013.
E. It configures the device to begin accepting the authentication key from other devices at 23:59:00 local time on December 31, 2013 and continue accepting the key indefinitely.
F. It configures the device to begin accepting the authentication key from other devices at 00:00:00 local time on January 1, 2014 and continue accepting the key indefinitely.
Answer: B
Q3. What is the FirePOWER impact flag used for? Cisco 210-260 : Practice Test
A. A value that indicates the potential severity of an attack.
B. A value that the administrator assigns to each signature.
C. A value that sets the priority of a signature.
D. A value that measures the application awareness.
Answer: A
Q4. How does the Cisco ASA use Active Directory to authorize VPN users?
A. It queries the Active Directory server for a specific attribute for the specified user.
B. It sends the username and password to retrieve an ACCEPT or REJECT message from the Active Directory server.
C. It downloads and stores the Active Directory database to query for future authorization requests.
D. It redirects requests to the Active Directory server defined for the VPN group.
Answer: A
Q5. Which two next-generation encryption algorithms does Cisco recommend? (Choose two.)
A. AES
B. 3DES
C. DES
D. MD5
E. DH-1024
F. SHA-384
Answer: A,F
Q6. Refer to the exhibit.
What type of firewall would use the given configuration line?
A. a stateful firewall
B. a personal firewall
C. a proxy firewall
D. an application firewall
E. a stateless firewall
Answer: A
Q7. Scenario
In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN configurations.
To access ASDM, click the ASA icon in the topology diagram.
Note: Not all ASDM functionalities are enabled in this simulation.
To see all the menu options available on the left navigation pane, you may also need to un-expand the expanded menu first.
Which two statements regarding the ASA VPN configurations are correct? (Choose two)
A. The ASA has a certificate issued by an external Certificate Authority associated to the ASDM_TrustPoint1.
B. The DefaultWEBVPNGroup Connection Profile is using the AAA with RADIUS server method.
C. The Inside-SRV bookmark references the https://192.168.1.2 URL
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. AnyConnect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside interface
F. The Inside-SRV bookmark has not been applied to the Sales group policy
Answer: B,C
Explanation:
For B:
Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.38.21 AM.png For C, Navigate to the Bookmarks tab:
Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.40.14 AM.png Then hit “edit” and you will see this:
Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.41.54 AM.png Not A, as this is listed under the Identity Certificates, not the CA certificates:
Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.34.54 AM.png Note E:
Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.26.56 AM.png
Q8. Refer to the exhibit.
What is the effect of the given command sequence?
A. It configures IKE Phase 1.
B. It configures a site-to-site VPN tunnel.
C. It configures a crypto policy with a key size of 14400.
D. It configures IPSec Phase 2.
Answer: A
Q9. Which statement about communication over failover interfaces is true?
A. All information that is sent over the failover and stateful failover interfaces is sent as clear text by default.
B. All information that is sent over the failover interface is sent as clear text, but the stateful failover link is encrypted by default.
C. All information that is sent over the failover and stateful failover interfaces is encrypted by default.
D. User names, passwords, and preshared keys are encrypted by default when they are sent over the failover and stateful failover interfaces, but other information is sent as clear text.
Answer: A
Q10. What is the only permitted operation for processing multicast traffic on zone-based firewalls?
A. Only control plane policing can protect the control plane against multicast traffic.
B. Stateful inspection of multicast traffic is supported only for the self-zone.
C. Stateful inspection for multicast traffic is supported only between the self-zone and the internal zone.
D. Stateful inspection of multicast traffic is supported only for the internal zone.
Answer: A