Certification Exam Prep Questions For Implementing Cisco Network (210-260)

Name: Implementing Cisco Network
SKU: Implementing Cisco Network
Price: 109 USD
Availability: InStock

QuickStart is now offering assessment questions for Implementing Cisco Network. Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take for Implementing Cisco Network.

Which security level is being used if you use the following commands to enable SNMPv3 on a cisco router: Access-list 90 permit 10.10.10.0 0.0.0.255 Access-list 90 deny any log Snmp-server user admin TEST v3 auth sha secret989! Priv aes 256 Pass8718! Access 90

A. aes: Incorrect.

B. noAuthNopriv: Incorrect.

C. authpriv: Correct!

D. authNoPriv: Incorrect.

If you want to mitigate VLAN hopping attacks, what would you choose to implement on a switch?

A. Turn off STP for VLAN 1: Incorrect.

B. Enable Q-in-Q tunneling: Incorrect.

C. Turn off auto trunking on all user facing ports: Correct!

D. Configure all ports as dynamic desirable ports: Incorrect.

A router named Router R1 is configured using a firewall. Choose an option that reflects zones shown in the exhibit?

A. 1-DMZ,2-inside , 3 -self,4 -outside: Incorrect.

B. 1-inside,2 – self, 3 – inside, 4- outside: Incorrect.

C. 1-inside,2 – DMZ, 3 – self, 4-Private: Incorrect.

D. 1-inside,2 – DMZ, 3 – self, 4-outside: Correct!

You are using Cisco anyconnect to get connected to an ASA firewall. Upon looking at the exhibit for the route details, which anyconnect option would you find enabled to exclude the default route?

A. URL Handler: Incorrect.

B. Spilit tunning: Correct!

C. Hair pinning: Incorrect.

D. Always on: Incorrect.

Identify the access method of Packet capture if you want a hardware tool with zero risk of dropped packets?

A. SPAN: Incorrect.

B. Media converter: Incorrect.

C. RSPAN: Incorrect.

D. Network TAP: Correct!

Identify two features that have been enabled on the ASA? (Pick two)

A. Two interfaces using the same security level can exchange traffic: Correct!

B. Jumbo frame reservation has been enabled: Incorrect.

C. Two hosts connected to the same interface can exchange traffic: Correct!

D. The Management interface has been enabled: Incorrect.

The exhibit shows you have a private VLAN configured. Pick a statement that accurately reflects the behavior of a private VLAN?

A. The broadcast traffic from port 5 will reach port 6.: Correct!

B. The broadcast traffic from port 3 will reach port 5.: Incorrect.

C. The broadcast traffic from port 1 will reach port 2.: Incorrect.

D. The broadcast traffic from port 7 will reach port 1.: Incorrect.

The broadcast traffic will reach port 2 from port 1.

A. The SSL session keyword is missing.: Incorrect.

B. WebVPN has been disabled.: Incorrect.

C. The SSL session feature has been disabled.: Incorrect.

D. There are not enough SSL licenses.: Correct!

Out of the four commands below, which one enables the IOS resilience feature on a router?

A. Secure bootset: Incorrect.

B. Secure boot-image: Correct!

C. Service password-recovery: Incorrect.

D. Secure boot-config: Incorrect.

You find the following error while debugging an issue with an IPsec VPN tunnel: %CRPT0-4-1KMP_BAD_MESSAGE: IKE message from 121.142.120.42 failed its sanity check or is malformed. In order to fix the problem, which of the following would you verify on both routers?

A. Pre-shared keys: Correct!

B. Phase 1 hash proposals: Incorrect.

C. Peer IP addresses: Incorrect.

D. Access lists: Incorrect.

dentify the IPS action that terminates the current packet as well as all the futures packets from an attacker address?

A. Deny packet inline: Incorrect.

B. Deny connection inline: Incorrect.

C. Deny attacker inline: Correct!

D. Modify packet inline: Incorrect.

Identify the method that manages a network device while using a separate communication channel and a dedicated physical interface?

A. In-band: Incorrect.

B. VRF: Incorrect.

C. Out-of-band: Correct!

D. AAA: Incorrect.

Your manager has instructed you to use the next-generation cryptographic algorithms while configuring a VPN policy. Identify the two Dithe-Hellman groups, shown in the exhibit, that you would choose? (Choose two.)

A. 20: Correct!

B. 2: Incorrect.

C. 15: Incorrect.

D. 19: Correct!

hy is changing the default native VLAN ID necessary when configuring a native VLAN on a Cisco switch?

A. An unauthorized user can send untagged frames to the switch.: Correct!

B. Unauthorized user communications will be blocked.: Incorrect.

C. An unauthorized user can control other computers connected to the same switch.: Incorrect.

D. An unauthorized user can control the switch remotely.: Incorrect.

Choose one of the following statements that accurately describe Web Interaction Tracking feature in a Cisco Email Security Appliance (ESA)?

A. Blocks user access to specific URLs from the email client: Incorrect.

B. Tracks user clicks on URLs in emails: Correct!

C. Displays a web page to warn users about malware: Incorrect.

D. Provides statistics on web pages that users visit: Incorrect.

Identify a statement that is an accurate definition of an application firewall?

A. Protects against threats contained in email: Incorrect.

B. Prevents viruses and malware: Incorrect.

C. Detects intrusion attempts into the network: Incorrect.

D. Detects the unauthorized use of HTTP: Correct!

Identify a statement that is an accurate description of a situation where you should implement dynamic NAT on a Cisco ASA Series 9.x firewall when securing the company internet edge?

A. Employees must be able to access an email server from the internet.: Incorrect.

B. Internal applications must be able to download update packages automatically.: Correct!

C. External suppliers must be able to access servers in the DMZ.: Incorrect.

D. Company servers in the same DMZ segment must be able to communicate with each other.: Incorrect.

An application downloaded by a user from the Internet describes itself as antivirus software. Upon downloading it is discovered that the application is stealing sensitive data and providing unauthorized backdoor access to the system. Identify the kind of malware it is.

A. Trojan: Correct!

B. Worm: Incorrect.

C. Virus: Incorrect.

D. Botnet: Incorrect.

Identify a Cisco appliance that provides web reputation capabilities, cloud-based zero-day threat detection services and leak prevention with malware protection.

A. DLP: Incorrect.

B. AMP: Incorrect.

C. AVC: Incorrect.

D. WSA: Correct!

If you have the environment reflected in the exhibit, and you configure IP addressing, interface naming, Port Address Translation (PAT), routing and the security level on a Cisco ASA 5512-X. In which two firewall attributes an internal user can access the internet by default? (opt any two)

A. Modular Policy Framework (MPF): Incorrect.

B. A stateful inspection filter: Correct!

C. The Web Cache Coordination Protocol (WCCP): Incorrect.

D. Access control policies: Correct!

What is the title given to someone who find vulnerabilities before a software launch by bug-testing a system?

A. White hat hacker: Incorrect.

B. Blue hat hacker: Correct!

C. Gray hat hacker: Incorrect.

D. Black hat hacker: Incorrect.

Refer to the exhibit. If you want to allow ASDM access from PC1 on port 4443, which set of commands would you use?

A. http server enable 4443 http 192.168.1.11 255.255.255.255 GO: Incorrect.

B. http server enable 4443 http 192.168.1.11 255.255.255.255 inside: Correct!

C. http server enable 4443 http 192.168.1.11 0.0.0.0 inside: Incorrect.

D. http server enable 4443 http 192.168.1.11 0.0.0.0 inside: Incorrect.

You use the debug aaa authentication command while troubleshooting a local TACACS+ authentication issue. If authentication is successful what is the expected AAA session status?