Certification Exam Prep Questions For Implementing Cisco Network (210-260)

Name: Implementing Cisco Network
SKU: Implementing Cisco Network
Price: 109 USD
Availability: InStock

QuickStart is now offering assessment questions for Implementing Cisco Network. Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take for Implementing Cisco Network.

You enable SNMPv3 on a cisco router using the following commands: Access-list 90 permit 10.10.10.0 0.0.0.255 Access-list 90 deny any log Snmp-server user admin TEST v3 auth sha secret989! Priv aes 256 Pass8718! Access 90 Which security level is being used?

A. noAuthNopriv: Incorrect.

B. authpriv: Correct!

C. aes: Incorrect.

D. authNoPriv: Incorrect.

What should you implement on a switch to mitigate VLAN hopping attacks?

A. Turn off auto trunking on all user facing ports: Correct!

B. Configure all ports as dynamic desirable ports: Incorrect.

C. Turn off STP for VLAN 1: Incorrect.

D. Enable Q-in-Q tunneling: Incorrect.

Router R1 has been configured using a firewall.Which zones are shown in the exhibit?

A. 1-inside,2 – DMZ, 3 – self, 4-outside: Correct!

B. 1-inside,2 – self, 3 – inside, 4- outside: Incorrect.

C. 1-DMZ,2-inside , 3 -self,4 -outside: Incorrect.

D. 1-inside,2 – DMZ, 3 – self, 4-Private: Incorrect.

You are connected to an ASA firewall using cisco anyconnect.youcheck the route details as shown in the exhibit . Which anyconnect option has been enabled to exclude the default route?

A. Spilit tunning: Correct!

B. Hair pinning: Incorrect.

C. URL Handler: Incorrect.

D. Always on: Incorrect.

Which access method of Packet capture offers a hardware tool with no risk of dropped packets?

A. RSPAN: Incorrect.

B. SPAN: Incorrect.

C. Media converter: Incorrect.

D. Network TAP: Correct!

Which two features have been enabled on the ASA?(Choosetwo)

A. Two hosts connected to the same interface can exchange traffic: Correct!

B. Jumbo frame reservation has been enabled: Incorrect.

C. The Management interface has been enabled: Incorrect.

D. Two interfaces using the same security level can exchange traffic: Correct!

You have a private VLAN configured as shown in the exhibit. Which statement accurately describes the behavior of the private VLAN?

A. The broadcast traffic from port 7 will reach port 1.: Incorrect.

B. The broadcast traffic from port 3 will reach port 5.: Incorrect.

C. The broadcast traffic from port 5 will reach port 6.: Correct!

D. The broadcast traffic from port 1 will reach port 2.: Incorrect.

The broadcast traffic from port 1 will reach port 2.

A. There are not enough SSL licenses.: Correct!

B. WebVPN has been disabled.: Incorrect.

C. The SSL session keyword is missing.: Incorrect.

D. The SSL session feature has been disabled.: Incorrect.

Which command enables the IOS resilience feature on a router?

A. Service password-recovery: Incorrect.

B. Secure boot-image: Correct!

C. Secure boot-config: Incorrect.

D. Secure bootset: Incorrect.

You are debugging an issue with an IPsec VPN tunnel. You find the following error: %CRPT0-4-1KMP_BAD_MESSAGE: IKE message from 121.142.120.42 failed its sanity check or is malformed. What should you verify on both routers to fix the problem?

A. Peer IP addresses: Incorrect.

B. Access lists: Incorrect.

C. Pre-shared keys: Correct!

D. Phase 1 hash proposals: Incorrect.

Which IPS action terminates the current packet and all the futures packets from an attacker address?

A. Deny attacker inline: Correct!

B. Deny connection inline: Incorrect.

C. Modify packet inline: Incorrect.

D. Deny packet inline: Incorrect.

Which method uses a dedicated physical interface and a separate communication channel to manage a network device?

A. AAA: Incorrect.

B. In-band: Incorrect.

C. VRF: Incorrect.

D. Out-of-band: Correct!

You are configuring a VPN policy. Your manager has asked you to use the next-generation cryptographic algorithms. Which two Dithe-Hellman groups shown in the exhibit should you choose? (Choose two.)

A. 15: Incorrect.

B. 2: Incorrect.

C. 19: Correct!

D. 20: Correct!

You configure a native VLAN on a Cisco switch. Why should you change the default native VLAN ID?

A. An unauthorized user can control other computers connected to the same switch.: Incorrect.

B. Unauthorized user communications will be blocked.: Incorrect.

C. An unauthorized user can control the switch remotely.: Incorrect.

D. An unauthorized user can send untagged frames to the switch.: Correct!

Which statement accurately describes the Web Interaction Tracking feature in a Cisco Email Security Appliance (ESA)?

A. Tracks user clicks on URLs in emails: Correct!

B. Provides statistics on web pages that users visit: Incorrect.

C. Displays a web page to warn users about malware: Incorrect.

D. Blocks user access to specific URLs from the email client: Incorrect.

Which statement accurately describes an application firewall?

A. Detects intrusion attempts into the network: Incorrect.

B. Detects the unauthorized use of HTTP: Correct!

C. Protects against threats contained in email: Incorrect.

D. Prevents viruses and malware: Incorrect.

Which statement accurately describes a situation in which you should implement dynamic NAT on a Cisco ASA Series 9.x firewall to secure the company internet edge?

A. • External suppliers must be able to access servers in the DMZ.: Incorrect.

B. Internal applications must be able to download update packages automatically.: Correct!

C. Company servers in the same DMZ segment must be able to communicate with each other.: Incorrect.

D. Employees must be able to access an email server from the internet.: Incorrect.

A user downloads an application from the Internet that has been described as antivirus software. However. the application steals sensitive data and provides unauthorized backdoor access to the system. What kind of malware is this?

A. Virus: Incorrect.

B. Botnet: Incorrect.

C. Trojan: Correct!

D. Worm: Incorrect.

Which Cisco appliance provides web reputation capabilities, leak prevention, and cloud-based zero-day threat detection services with malware protection?

A. AMP: Incorrect.

B. WSA: Correct!

C. AVC: Incorrect.

D. DLP: Incorrect.

You have the environment shown in the exhibit. You configure interface naming. IP addressing. routing, Port Address Translation (PAT), and the security level on a Cisco ASA 5512-X. Which two firewall attributes allow an internal user to access the internet by default? (Choose two.)

A. The Web Cache Coordination Protocol (WCCP): Incorrect.

B. Access control policies: Correct!

C. Modular Policy Framework (MPF): Incorrect.

D. A stateful inspection filter: Correct!

What do you call someone who bug-tests a system to find vulnerabilities before a software launch?

A. Black hat hacker: Incorrect.

B. White hat hacker: Incorrect.

C. Gray hat hacker: Incorrect.

D. Blue hat hacker: Correct!

Refer to the exhibit. Which set of commands should you use to allow ASDM access from PC1 on port 4443?

A. http server enable 4443 http 192.168.1.11 0.0.0.0 inside: Incorrect.

B. http server enable 4443 http 192.168.1.11 255.255.255.255 inside: Correct!

C. http server enable 4443 http 192.168.1.11 255.255.255.255 GO: Incorrect.

D. http server enable 4443 http 192.168.1.11 0.0.0.0 inside: Incorrect.

You are troubleshooting a local TACACS+ authentication issue using the debug aaa authentication command. What is the expected AAA session status if authentication is successful?