[Lead2pass Official] Free Download 210-260 Exam Dumps VCE From Lead2pass (301-320)

2017 September Cisco Official New Released 210-260 Dumps in Lead2pass.com!

100% Free Download! 100% Pass Guaranteed!

Thank you so much Lead2pass. You helped me passing my 210-260 exam easily, 90% of the exam questions from the dump appeared in my exam.

Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/210-260.html

QUESTION 301
Which type of PVLAN port allows communication from all port types?

A.    isolated
B.    community
C.    in-line
D.    promiscuous

Answer: D

QUESTION 302
Which three options are common examples of AAA implementation on Cisco routers? (Choose three.)

A.    authenticating remote users who are accessing the corporate LAN through IPsec VPN connections
B.    authenticating administrator access to the router console port, auxiliary port, and vty ports
C.    implementing PKI to authenticate and authorize IPsec VPN peers using digital certificates
D.    tracking Cisco NetFlow accounting statistics
E.    securing the router by locking down all unused services
F.    performing router commands authorization using TACACS+

Answer: ABF
Explanation:
http://www.cisco.com/en/US/products/ps6638/products_data_sheet09186a00804fe332.htm l
Need for AAA Services
Security for user access to the network and the ability to dynamically define a user’s profile to gain access to network resources has a legacy dating back to asynchronous dial access. AAA network security services provide the primary framework through which a network administrator can set up access control on network points of entry or network access servers, which is usually the function of a router or access server.
Authentication identifies a user; authorization determines what that user can do; and accounting monitors the network usage time for billing purposes. AAA information is typically stored in an external database or remote server such as RADIUS or TACACS+.
The information can also be stored locally on the access server or router. Remote security servers, such as RADIUS and TACACS+, assign users specific privileges by associating attribute-value (AV) pairs, which define the access rights with the appropriate user. All authorization methods must be defined through AAA.

QUESTION 303
Which type of encryption technology has the broadest platform support to protect operating systems?

A.    software
B.    hardware
C.    middleware
D.    file-level

Answer: A

QUESTION 304
Refer to the exhibit. Which statement about this output is true?

 
A.    The user logged into the router with the incorrect username and password.
B.    The login failed because there was no default enable password.
C.    The login failed because the password entered was incorrect.
D.    The user logged in and was given privilege level 15.

Answer: C
Explanation:
http://www.cisco.com/en/US/docs/ios/12_2/debug/command/reference/dbfaaa.html

QUESTION 305
You are the security administrator for a large enterprise network with many remote locations. You have been given the assignment to deploy a Cisco IPS solution.
Where in the network would be the best place to deploy Cisco IOS IPS?

A.    Inside the firewall of the corporate headquarters Internet connection
B.    At the entry point into the data center
C.    Outside the firewall of the corporate headquarters Internet connection
D.    At remote branch offices

Answer: D
Explanation:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_ sheet0900aecd803137cf.html

QUESTION 306
Which two characteristics of the TACACS+ protocol are true? (Choose two.)

A.    uses UDP ports 1645 or 1812
B.    separates AAA functions
C.    encrypts the body of every packet
D.    offers extensive accounting capabilities
E.    is an open RFC standard protocol

Answer: BC
Explanation:
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml

QUESTION 307
What is a benefit of a web application firewall?

A.    It blocks known vulnerabilities without patching applications.
B.    It simplifies troubleshooting.
C.    It accelerates web traffic.
D.    It supports all networking protocols.

Answer: A

QUESTION 308
Which filter uses in Web reputation to prevent from Web Based Attacks? (Choose two)

A.    outbreak filter
B.    buffer overflow filter
C.    bayesian overflow filter
D.    web reputation
E.    exploit filtering

Answer: AD

QUESTION 309
Which option is the default value for the Diffie¬Hellman group when configuring a site-to- site VPN on an ASA device?

A.    Group 1
B.    Group 2
C.    Group 5
D.    Group 7

Answer: B

QUESTION 310
Which option is the resulting action in a zone-based policy firewall configuration with these conditions?

 

A.    no impact to zoning or policy
B.    no policy lookup (pass)
C.    drop
D.    apply default policy

Answer: C
Explanation:
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-zone- pol-fw.html

QUESTION 311
Referring to CIA, where would a hash-only make more sense.

A.    Data at Rest
B.    …
C.    …
D.    …

Answer: A

QUESTION 312
Phishing method on the phone.

A.    vishing
B.    …
C.    …
D.    …

Answer: A

QUESTION 313
At which Layer Data Center Operate

A.    Data Center
B.    …
C.    …
D.    …

Answer: A

QUESTION 314
How can you stop reconnaissance attack with cdp.

A.    disable CDP on edge ports (computers)
B.    …
C.    …
D.    …

Answer: A

QUESTION 315
For Protecting FMC what/which is used.

A.    AMP
B.    …
C.    …
D.    …

Answer: A

QUESTION 316
What ips feature that is less secure among than the other option permit a better throughput ?

A.    Promiscuous
B.    …
C.    …
D.    …

Answer: A

QUESTION 317
To confirm that AAA authentication working.

A.    test aaa command
B.    …
C.    …
D.    …

Answer: A

QUESTION 318
Zone based firewall

A.    enable zones first / zones must be made before applying interfaces.
B.    …
C.    …
D.    …

Answer: A

QUESTION 319
Which ports need to be active for AAA server to integrate with Microsoft AD?

A.    445 & 389
B.    1812

Answer: A

QUESTION 320
What does the command crypto isakmp nat-traversal do?

A.    Enables udp port 4500 on all IPsec enabled interfaces
B.    Rebooting the ASA the global command

Answer: A

Suggestion, read 210-260 questions carefully try to understand or guess what they’re asking for. Hope everyone passes.

210-260 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDYUk3WWFWOEhsSU0

2017 Cisco 210-260 exam dumps (All 362 Q&As) from Lead2pass:

https://www.lead2pass.com/210-260.html [100% Exam Pass Guaranteed]

admin