Which three statements about the Cisco host-based IPS solution are true? (Choose three)
A. It works with deployed firewalls.
B. It can be deployed at the perimeter
C. It uses signature-based policies
D. It can have more restrictive policies than network-based IPS
E. It can generate alerts based on behavior at the desktop level
F. It can view encrypted files
Answer: ADF
Explanation:
The key word here is 'Cisco', and Cisco's host-based IPS, CSA, is NOT signature-based and CAN view encrypted files.
Question No : 2
Scenario
In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM, then answer the five multiple-choice questions about the ASA SSLVPN configurations. To access ASDM, click the ASA icon in the topology diagram.
Note: Not all ASDM functionalities are enabled in this simulation. To see all the menu options available on the left navigation pane, you may also need to unexpand the expanded menu first.
Which user authentication method is used when users log in to the Clientless SSL VPN portal using https://209165.201.2/test?
A. Both Certificate and AAA with LOCAL database
B. AAA with RADIUS server
C. Both Certificate and AAA with RADIUS server
D. AAA with LOCAL database
E. Certificate
Answer: D
Explanation:
This can be seen from the Connection Profiles tab of the Remote Access VPN configuration, where the alias of test is being used.
Question No : 3
What are two uses of SIEM software? (Choose two)
A. performing automatic network audits
B. configuring firewall and IDS devices
C. alerting administrators to security events in real time
D. scanning emails for suspicious attachments
E. collecting and archiving syslog data
Answer: C,E
Explanation:
The other choices are not functions of SIEM software.
Question No : 4
Which Sourcefire secure action should you choose if you want to block only malicious traffic from a particular end-user?
A. Trust
B. Block
C. Allow without inspection
D. Monitor
E. Allow with inspection
Answer: E
Explanation:
Allow with Inspection allows all traffic except for malicious traffic from a particular end-user. The other options are too restrictive, too permissive, or don't exist.
Question No : 5
Which two next-generation encryption algorithms does Cisco recommend? (Choose two)
A. SHA-384
B. MD5
C. DH-1024
D. DES
E. AES
F. 3DES
Answer: A,E
Explanation:
From Cisco documentation:
A. SHA-384 - YES
B. MD5 - NO
C. DH-1024 - NO
D. DES - NO
E. AES - YES (CBC, or GCM modes)
F. 3DES - Legacy
Question No : 6
How does a device on a network using ISE receive its digital certificate during the new-device registration process?
A. ISE acts as a SCEP proxy to enable the device to receive a certificate from a central CA server
B. The device requests a new certificate directly from a central CA
C. ISE issues a pre-defined certificate from a local database
D. ISE issues a certificate from its internal CA server.
Answer: A
Explanation:
http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/BYOD_Design_Guide.pdf
Question No : 7
Which three ESP fields can be encrypted during transmission? (Choose three)
A. Next Header
B. MAC Address
C. Padding
D. Pad Length
E. Sequence Number
F. Security Parameter Index
Answer: A,C,D
Explanation:
The last encrypted part is the Payload Data. The unencrypted parts are the Security Parameter Index and the Sequence Number.
Question No : 8
You have implemented a Sourcefire IPS and configured it to block certain addresses utilizing Security Intelligence IP address Reputation. A user calls and is not able to access a certain IP address. What action can you take to allow the user access to the IP address?
A. Create a custom blacklist to allow traffic
B. Create a whitelist and add the appropriate IP address to allow traffic.
C. Create a user based access control rule to allow the traffic.
D. Create a network based access control rule to allow the traffic.
E. Create a rule to bypass inspection to allow the traffic
Answer: C
Explanation:
Custom whitelists override blacklists and mitigate false positives.
Question No : 9
Which EAP method uses Protected Access Credentials?
A. EAP-TLS
B. EAP-PEAP
C. EAP-FAST
D. EAP-GTC
Answer: C
Question No : 10
In which two situations should you use out-of-band management? (Choose two)
A. when a network device fails to forward packets
B. when management applications need concurrent access to the device
C. when you require ROMMON access
D. when you require administrator access from multiple locations
E. when the control plane fails to respond
Answer: A,C