Lead2pass Exam Collection 210-260 Dumps And 210-260 New Questions:
https://www.lead2pass.com/210-260.html
QUESTION 1
Which statement about communication over failover interfaces is true?
A. All information that is sent over the failover interface is sent as clear text, but the stateful failover link is encrypted by default.
B. All information that is sent over the failover and stateful failover interfaces is encrypted by default
C. All information that is sent over the failover and stateful failover interfaces is sent as clear text by default
D. Usernames, password and preshared keys are encrypted by default when they are sent over the failover and stateful failover interfaces, but other information is sent as clear text
Answer: C
QUESTION 2
Which three ESP fields can be encrypted during transmission? (Choose three)
A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad Length
F. Next Header
Answer: DEF
QUESTION 3
According to Cisco best practices, which three protocols should the default ACL allow an access port to enable wired BYOD devices to supply valid credentials and connect to the network? (Choose three)
A. BOOTP
B. TFTP
C. DNS
D. MAB
E. HTTP
F. 802.1x
Answer: ABC
QUESTION 4
Refer to the exhibit. If a supplicant supplies incorrect credentials for all authentication methods configured on the switch, how will the switch respond?
A. The switch will cycle through the configured authentication methods indefinitely
B. The supplicant will fail to advance beyond the webauth method.
C. The authentication attempt will time out and the switch will place the port into the unathorized state
D. The authentication attempt will time out and the switch will place the port into VLAN 101
Answer: B
QUESTION 5
Which SOURCEFIRE logging action should you choose to record the most detail about a connection.
A. Enable logging at the beginning of the session
B. Enable logging at the end of the session
C. Enable alerts via SNMP to log events off-box
D. Enable eStreamer to log events off-box
Answer: B
QUESTION 6
What type of algorithm uses the same key to encryp and decrypt data?
A. a symmetric algorithm
B. an asymetric algorithm
C. a Public Key infrastructure algorithm
D. an IP Security algorithm
Answer: A
QUESTION 7
If a packet matches more than one class map in an individual feature type’s policy map, how does the ASA handle the packet?
A. The ASA will apply the actions from only the most specific matching class map it finds for the feature type
B. The ASA will apply the actions from all matching class maps it finds for the feature type
C. The ASA will apply the actions from only the last matching class map it finds for the feature type.
D. The ASA will apply the actions from only the first matching class map it finds for the feature type.
Answer: D
QUESTION 8
You have implemented a Sourcefire IPS and configured it to block certain addresses utilizing Security Intelligence IP address Reputation. A user calls and is not able to access a certain IP address. What action can you take to allow the user access to the IP address?
A. Create a custom blacklist to allow traffic
B. Create a whitelist and add the appropriate IP address to allow traffic.
C. Create a user based access control rule to allo the traffic.
D. Create a network based access control rule to allow the traffic.
E. Create a rule to bypass inspection to allow the traffic
Answer: B
QUESTION 9
Which EAP method uses protected Access Credentials?
A. EAP-TLS
B. EAP-PEAP
C. EAP-FAST
D. EAP-GTC
Answer: C
QUESTION 10
In which two situations should you use out-of-band management? (Choose two)
A. when a network device fails to forward packets
B. when management applications need concurrent access to the device
C. when you require ROMMON access
D. when you require administrator’s access from multiple locations
E. when the control plane fails to respond
Answer: AC
210-260 dumps full version (PDF&VCE): https://www.lead2pass.com/210-260.html
Large amount of free 210-260 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDYUk3WWFWOEhsSU0