Ultimate Guide: cisco ccna security 210 260 iins

We provide real 210 260 pdf exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Cisco ccna security pdf 210 260 Exam quickly & easily. The 210 260 iins pdf PDF type is available for reading and printing. You can print more and practice many times. With the help of our Cisco ccna security pdf 210 260 dumps pdf and vce product and material, you can easily pass the ccna security pdf 210 260 exam.

P.S. Actual 210-260 cram are available on Google Drive, GET MORE: https://drive.google.com/open?id=1vkyWuCceSS4_Yw83isWjMHMxw-tsQUcW

New Cisco 210-260 Exam Dumps Collection (Question 11 - Question 20)

Q11. When an administrator initiates a device wipe command from the ISE, what is the immediate effect?

A. It requests the administrator to choose between erasing all device data or only managed corporate data.

B. It requests the administrator to enter the device PIN or password before proceeding with the operation.

C. It notifies the device user and proceeds with the erase operation.

D. It immediately erases all data on the device.

Answer: A

Q12. How can the administrator enable permanent client installation in a Cisco AnyConnect VPN firewall configuration?

A. Issue the command anyconnect keep-installer under the group policy or username webvpn mode

B. Issue the command anyconnect keep-installer installed in the global configuration

C. Issue the command anyconnect keep-installer installed under the group policy or username webvpn mode

D. Issue the command anyconnect keep-installer installer under the group policy or username webvpn mode

Answer: C

Q13. Which Cisco product can help mitigate web-based attacks within a network?

A. Adaptive Security Appliance

B. Web Security Appliance

C. Email Security Appliance

D. Identity Services Engine

Answer: B

Q14. Which filter uses in Web reputation to prevent from Web Based Attacks? (Choose two)

A. outbreak filter

B. buffer overflow filter

C. bayesian overflow filter

D. web reputation

E. exploit filtering

Answer: A,D

Q15. What features can protect the data plane? (Choose three.)

A. policing

B. ACLs

C. IPS

D. antispoofing

E. QoS

F. DHCP-snooping

Answer: B,D,F

Q16. What are the three layers of a hierarchical network design? (Choose three.)

A. access

B. core

C. distribution

D. user

E. server

F. Internet

Answer: A,B,C

Q17. How can you protect CDP from reconnaissance attacks?

A. Enable dot1x on all ports that are connected to other switches.

B. Disable CP on ports connected to endpoints.

C. Enable dynamic ARP inspection on all untrusted ports.

D. Disable CDP on trunk ports.

Answer: B

Q18. Which two characteristics of an application layer firewall are true? (Choose two)

A. provides protection for multiple applications

B. is immune to URL manipulation

C. provides reverse proxy services

D. provides stateful firewall functionality

E. has low processor usage

Answer: A,C

Q19. Which three options are common examples of AAA implementation on Cisco routers? (Choose three.)

A. authenticating remote users who are accessing the corporate LAN through IPsec VPN connections

B. authenticating administrator access to the router console port, auxiliary port, and vty ports

C. implementing PKI to authenticate and authorize IPsec VPN peers using digital certificates

D. tracking Cisco NetFlow accounting statistics

E. securing the router by locking down all unused services

F. performing router commands authorization using TACACS+

Answer: A,B,F

Explanation:

http://www.cisco.com/en/US/products/ps6638/products_data_sheet09186a00804fe332.htm l

Need for AAA Services

Security for user access to the network and the ability to dynamically define a user's profile to gain access to network resources has a legacy dating back to asynchronous dial access. AAA network security services provide the primary framework through which a network administrator can set up access control on network points of entry or network access servers, which is usually the function of a router or access server.

Authentication identifies a user; authorization determines what that user can do; and accounting monitors the network usage time for billing purposes.

AAA information is typically stored in an external database or remote server such as RADIUS or TACACS+.

The information can also be stored locally on the access server or router. Remote security servers, such as RADIUS and TACACS+, assign users specific privileges by associating attribute-value (AV) pairs, which define the access rights with the appropriate user. All authorization methods must be defined through AAA.

Q20. Which TACACS+ server-authentication protocols are supported on Cisco ASA firewalls? (Choose three.)

A. EAP

B. ASCII

C. PAP

D. PEAP

E. MS-CHAPv1

F. MS-CHAPv2

Answer: B,C,E

P.S. Easily pass 210-260 Exam with Thedumpscentre Actual Dumps & pdf vce, Try Free: http://www.thedumpscentre.com/210-260-dumps/ (387 New Questions)