Download CCNA Security -Implementing Cisco Network Security (IINS v3-0).examlabs.210-260.2019-09-26.1e.202q.vcex

Download Exam

File Info

Exam CCNA Security - Implementing Cisco Network Security (IINS v3.0)
Number 210-260
File Name CCNA Security -Implementing Cisco Network Security (IINS v3-0).examlabs.210-260.2019-09-26.1e.202q.vcex
Size 1.06 Mb
Posted September 26, 2019
Downloads 85

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


With discount: 20%


Demo Questions

Question 1
In which two situations should you use out-of-band management? (Choose two.)

  • A: when a network device fails to forward packets
  • B: when you require ROMMON access
  • C: when management applications need concurrent access to the device
  • D: when you require administrator access from multiple locations
  • E: when the control plane fails to respond

Question 2
According to Cisco best practices, which three protocols should the default ACL allow on an access port to enable wired BYOD devices to supply valid credentials and connect to the network? (Choose three.)

  • A: BOOTP
  • B: TFTP
  • C: DNS
  • D: MAB
  • E: HTTP
  • F: 802.1x

Question 3
Which two next-generation encryption algorithms does Cisco recommend? (Choose two.)

  • A: AES
  • B: 3DES
  • C: DES
  • D: MD5
  • E: DH-1024
  • F: SHA-384

Question 4
What are two default Cisco IOS privilege levels? (Choose two.)

  • A: 0
  • B: 1
  • C: 5
  • D: 7
  • E: 10
  • F: 15

Question 5
Which two features do CoPP and CPPr use to protect the control plane? (Choose two.)

  • A: QoS
  • B: traffic classification
  • C: access lists
  • D: policy maps
  • E: class maps
  • F: Cisco Express Forwarding

Question 6
Which two statements about stateless firewalls are true? (Choose two.)

  • A: They compare the 5-tuple of each incoming packet against configurable rules.
  • B: They cannot track connections.
  • C: They are designed to work most efficiently with stateless protocols such as HTTP or HTTPS.
  • D: Cisco IOS cannot implement them because the platform is stateful by nature.
  • E: The Cisco ASA is implicitly stateless because it blocks all traffic by default.

Question 7
Which three statements about host-based IPS are true? (Choose three.)

  • A: It can view encrypted files.
  • B: It can have more restrictive policies than network-based IPS.
  • C: It can generate alerts based on behavior at the desktop level.
  • D: It can be deployed at the perimeter.
  • E: It uses signature-based policies.
  • F: It works with deployed firewalls.

Question 8
What three actions are limitations when running IPS in promiscuous mode? (Choose three.)

  • A: deny attacker
  • B: deny packet
  • C: modify packet
  • D: request block connection
  • E: request block host
  • F: reset TCP connection

Question 9
When an IPS detects an attack, which action can the IPS take to prevent the attack from spreading?

  • A: Deny the connection inline.
  • B: Perform a Layer 6 reset.
  • C: Deploy an antimalware system.
  • D: Enable bypass mode.

Question 10
What is the purpose of the Integrity component of the CIA triad?

  • A: to ensure that only authorized parties can modify data
  • B: to determine whether data is relevant
  • C: to create a process for accessing data
  • D: to ensure that only authorized parties can view data


You can buy ProfExam with a 20% discount..

Get Now!


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen


Use VCE Exam Simulator to open VCE files