Exam Prepartion Material For Cisco 210-260 Exam

Get Latest ccna security exam questions today! No One Can Beat DumpsSchool in the best quality of ccna security 210-260 dumps. Get the best tips to pass Cisco 210-260 Exam in the first attempt.

Try it Latest DumpsSchool 210-260 Exam dumps. Buy Full File here: https://www.dumpsschool.com/210-260-exam-dumps.html (502 As Dumps)

Download the DumpsSchool 210-260 braindumps from Google Drive: https://drive.google.com/file/d/1OLgDbCqeAs1x3q7eiGn25-G5lDunbsJv/view (FREE VERSION!!!)

Question No. 1

Refer to the exhibit.

Which statement about the device time is true?

Answer: A

Remember: The [.] at the beginning of the time tells us the NTP process has last contact with its servers. We know the time is authoritative because there would be a [*] at the beginning if not.

Question No. 2

Refer to the exhibit.

With which NTP server has the router synchronized?

Answer: A

The output presented is generated by the show ntp association detail command. Attributes:

+ configured: This NTP clock source has been configured to be a server. This value can also be dynamic, where the peer/server was dynamically discovered.

+ our_master: The local client is synchronized to this peer

+ valid: The peer/server time is valid. The local client accepts this time if this peer becomes the master.

Source: http://www.cisco.com/c/en/us/support/docs/ip/network-time-protocol-ntp/116161-trouble-ntp-00.html

Question No. 3

What mechanism does asymmetric cryptography use to secure data?

Answer: A

Public key cryptography, or asymmetric cryptography, is any cryptographic system that uses pairs of keys:

public keys which may be disseminated widely, and private keys which are known only to the owner. This accomplishes two functions: authentication, which is when the public key is used to verify that a holder of the paired private key sent the message, and encryption, whereby only the holder of the paired private key can decrypt the message encrypted with the public key.

Source: https://en.wikipedia.org/wiki/Public-key_cryptography

Question No. 4

Refer to the exhibit.

What are two effects of the given command? (Choose two.)

Answer: B, E

To define a transform set — an acceptable combination of security protocols and algorithms — use the crypto ipsec transform-set global configuration command.

ESP Encryption Transform

+ esp-aes 256: ESP with the 256-bit AES encryption algorithm.

ESP Authentication Transform

+ esp-md5-hmac: ESP with the MD5 (HMAC variant) authentication algorithm. (No longer recommended) Source: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr- c3.html#wp2590984165

Question No. 5

Which IPS mode provides the maximum number of actions?

Answer: A

The first option is to put a sensor inline with the traffic, which just means that any traffic going through your network is forced to go in one physical or logical port on the sensor.

Because the sensor is inline with the network, and because it can drop a packet and deny that packet from ever reaching its final destination (because it might cause harm to that destination), the sensor has in fact just prevented that attack from being carried out. That is the concept behind intrusion prevention systems (IPS).

Whenever you hear IPS mentioned, you immediately know that the sensor is inline with the traffic, which makes it possible to prevent the attack from making it further into the network.

Source: Cisco Official Certification Guide, Difference Between IPS and IDS, p.460

Question No. 6

Which statement provides the best definition of malware?

Answer: A

Malware, short for malicious software, is any software used to disrupt computer or mobile operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising.[1] Before the term malware was coined by Yisrael Radai in 1990, malicious software was referred to as computer viruses.

Source: https://en.wikipedia.org/wiki/Malware

Question No. 7

How many crypto map sets can you apply to a router interface?

Answer: D

You must assign a crypto map set to an interface before that interface can provide IPSec services. Only one crypto map set can be assigned to an interface. If multiple crypto map entries have the same map-name but a different seq-num, they are considered to be part of the same set and will all be applied to the interface.

Source: http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/command

Question No. 8

What are two uses of SIEM software? (Choose two.)

Answer: A, B

Security Information Event Management SIEM

+ Log collection of event records from sources throughout the organization provides important forensic tools and helps to address compliance reporting requirements.

+ Normalization maps log messages from different systems into a common data model, enabling the organization to connect and analyze related events, even if they are initially logged in different source formats. + Correlation links logs and events from disparate systems or applications, speeding detection of and reaction to security threats.

+ Aggregation reduces the volume of event data by consolidating duplicate event records. + Reporting presents the correlated, aggregated event data in real-time monitoring and long-term summaries.

Source: http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-smart-business- architecture/sbaSIEM_deployG.pdf

210-260 Dumps Google Drive: (Limited Version!!!)

Related Certification: https://www.dumpsschool.com/ccna-security-questions.html

Facebook Comments