The last date to test 210-260 IINS exam is February 23, 2020

Cisco will release a new, consolidated CCNA Security exam. The last date to test 210-260 IINS exam is February 23, 2020. If you have started working toward CCNA Security certification, keep going. We updated Cisco 210-260 IINS exam dumps V20.02 on June 9, 2019, which is the new exam resource to passing CCNA Security 210-260 IINS exam. If you are preparing for the current 210-260 exam, please come to get the new 210-260 IINS exam dumps online.

Free CCNA Security 210-260 IINS Dumps V20.02

1. Which two services define cloud networks? (Choose two.)


2. In which two situations should you use out-of-band management? (Choose two.)


3. In which three ways does the TACACS protocol differ from RADIUS? (Choose three.)


4. According to Cisco best practices, which three protocols should the default ACL allow on an access port to enable wired BYOD devices to supply valid credentials and connect to the network?

(Choose three.)


5. Which two next-generation encryption algorithms does Cisco recommend? (Choose two.)


6. Which three ESP fields can be encrypted during transmission? (Choose three.)


7. What are two default Cisco IOS privilege levels? (Choose two.)


8. Which two authentication types does OSPF support? (Choose two.)


9. Which two features are commonly used by CoPP and CPPr to protect the control plane?


10. Which two statements about stateless firewalls are true? (Choose two.)


11. Which three statements about host-based IPS are true? (Choose three.)


12. What three actions are limitations when running IPS in promiscuous mode? (Choose three.)


13. When an IPS detects an attack, which action can the IPS take to prevent the attack from spreading?


14. What is an advantage of implementing a Trusted Platform Module for disk encryption?


15. What is the purpose of the Integrity component of the CIA triad?


16. In a security context, which action can you take to address compliance?


17. Which type of secure connectivity does an extranet provide?


18. Which tool can an attacker use to attempt a DDoS attack?


19. What type of security support is provided by the Open Web Application Security Project?


20. What type of attack was the Stuxnet virus?


21. What type of algorithm uses the same key to encrypt and decrypt data?


22. Refer to the exhibit.

How many times was a read-only string used to attempt a write operation?


23. Refer to the exhibit.

Which statement about the device time is true?


24. How does the Cisco ASA use Active Directory to authorize VPN users?


25. Which statement about Cisco ACS authentication and authorization is true?


26. Refer to the exhibit.

If a supplicant supplies incorrect credentials for all authentication methods configured on the switch, how will the switch respond?


27. Which EAP method uses Protected Access Credentials?


28. What is one requirement for locking a wired or wireless device from ISE?


29. What VPN feature allows traffic to exit the security appliance through the same interface it entered?


30. What VPN feature allows Internet traffic and local LAN/WAN traffic to use the same network



31. Refer to the exhibit.

What is the effect of the given command sequence?


32. Refer to the exhibit.

What is the effect of the given command sequence?


33. Refer to the exhibit.

While troubleshooting site-to-site VPN, you issued the show crypto isakmp sa command.


does the given output show?


34. Refer to the exhibit.

While troubleshooting site-to-site VPN, you issued the show crypto ipsec sa command.

What does the given output show?


35. After reloading a router, you issue the dir command to verify the installation and observe that the image file appears to be missing.

For what reason could the image file fail to appear in the dir output?


36. What is the effect of the send-lifetime local 23:59:00 31 December 31 2013 infinite command?


37. What type of packet creates and performs network operations on a network device?


38. An attacker installs a rogue switch that sends superior BPDUs on your network.

What is a possible result of this activity?


39. In what type of attack does an attacker virtually change a device’s burned-in address in an attempt to circumvent access lists and mask the device’s true identity?


40. What command can you use to verify the binding table status?


41. If a switch port goes into a blocked state only when a superior BPDU is received, what mechanism must be in use?


42. Which statement about a PVLAN isolated port configured on a switch is true?


43. If you change the native VLAN on the trunk port to an unused VLAN, what happens if an attacker attempts a double-tagging attack?


44. What is a reason for an organization to deploy a personal firewall?


45. Which statement about personal firewalls is true?


46. Refer to the exhibit.

What type of firewall would use the given configuration line?


47. What is the only permitted operation for processing multicast traffic on zone-based firewalls?


48. How does a zone-based firewall implementation handle traffic between interfaces in the same zone?


49. Which two statements about Telnet access to the ASA are true? (Choose two).


50. Which statement about communication over failover interfaces is true?


51. If a packet matches more than one class map in an individual feature type’s policy map, how does the ASA handle the packet?


52. For what reason would you configure multiple security contexts on the ASA firewall?


53. What is an advantage of placing an IPS on the inside of a network?


54. What is the FirePOWER impact flag used for?


55. Which FirePOWER preprocessor engine is used to prevent SYN attacks?


56. Which Sourcefire logging action should you choose to record the most detail about a connection?


57. What can the SMTP preprocessor in FirePOWER normalize?


58. You want to allow all of your company’s users to access the Internet without allowing other Web servers to collect the IP addresses of individual users.

What two solutions can you use? (Choose two).


59. You have implemented a Sourcefire IPS and configured it to block certain addresses utilizing Security Intelligence IP Address Reputation. A user calls and is not able to access a certain IP address.

What action can you take to allow the user access to the IP address?


60. A specific URL has been identified as containing malware.

What action can you take to block users from accidentally visiting the URL and becoming infected with malware.


CCT Routing & Switching 640-692 RSTECH Exam Dumps
Free 642-889 SPEDGE CCNP Service Provider Exam Dumps

Add a Comment

Your email address will not be published. Required fields are marked *