Cisco Certified Network Associate Security 210-260 exam Describe IPsec protocols and delivery modes (IKE, ESP, AH, tunnel mode, transport mode) Describe operational strengths and weaknesses of the different firewall technologies and Describe mitigation technology for email-based threats. If you want to prepare 210-260 exam in short time then you can get latest Implementing Cisco Network Security 210-260 exam questions similar to actual 210-260 exam. Practicetestguru provide you 210-260 dumps in two formats. You can prepare well through PDF Q&A booklet and 210-260 exam practice test software with confidence to succeed by saving your time and money both.

♥♥ 2018 NEW RECOMMEND 210-260 Exam Questions ♥♥

210-260 exam questions, 210-260 PDF dumps; 210-260 exam dumps:: (296 Q&A) (New Questions Are 100% Available! Also Free Practice Test Software!)

Latest and Most Accurate Cisco 210-260 Dumps Exam Questions and Answers:

Version: 22.0
Question: 21

You have implemented a Sourcefire IPS and configured it to block certain addresses utilizing Security Intelligence IP Address Reputation. A user calls and is not able to access a certain IP address. What action can you take to allow the user access to the IP address?

A. Create a whitelist and add the appropriate IP address to allow the traffic.
B. Create a custom blacklist to allow the traffic.
C. Create a user based access control rule to allow the traffic.
D. Create a network based access control rule to allow the traffic.
E. Create a rule to bypass inspection to allow the traffic.

Answer: A

Question: 22

A specific URL has been identified as containing malware. What action can you take to block users from accidentally visiting the URL and becoming infected with malware.

A. Enable URL filtering on the perimeter router and add the URLs you want to block to the router’s local URL list.
B. Enable URL filtering on the perimeter firewall and add the URLs you want to allow to the router’s local URL list.
C. Enable URL filtering on the perimeter router and add the URLs you want to allow to the firewall’s local URL list.
D. Create a blacklist that contains the URL you want to block and activate the blacklist on the perimeter router.
E. Create a whitelist that contains the URLs you want to allow and activate the whitelist on the perimeter router.

Answer: A

Question: 23

In which three ways does the TACACS protocol differ from RADIUS? (Choose three.)

A. TACACS uses TCP to communicate with the NAS.
B. TACACS can encrypt the entire packet that is sent to the NAS.
C. TACACS supports per-command authorization.
D. TACACS authenticates and authorizes simultaneously, causing fewer packets to be transmitted.
E. TACACS uses UDP to communicate with the NAS.
F. TACACS encrypts only the password field in an authentication packet.

Answer: A,B,C

Question: 24

According to Cisco best practices, which three protocols should the default ACL allow on an access port to enable wired BYOD devices to supply valid credentials and connect to the network? (Choose three.)

F. 802.1x

Answer: A,B,C

Question: 25

Which two next-generation encryption algorithms does Cisco recommend? (Choose two.)

D. MD5
E. DH-1024
F. SHA-384

Answer: A,F

Question: 26

Which three ESP fields can be encrypted during transmission? (Choose three.)

A. Security Parameter Index
B. Sequence Number
C. MAC Address
D. Padding
E. Pad Length
F. Next Header

Answer: D,E,F

New Updated 210-260 Exam Questions 210-260 PDF dumps 210-260 practice exam dumps:


Facebook Comments