210-260 Dumps 210-260 Exam Questions 210-260 New Questions 210-260 PDF 210-260 VCE Cisco

[2017 New] 210-260 New Questions Free Download In Lead2pass (101-120)

2017 July Cisco Official New Released 210-260 Dumps in Lead2pass.com!

100% Free Download! 100% Pass Guaranteed!

210-260 exam questions and answers provided by Lead2pass will guarantee you pass 210-260 exam, because Lead2pass is the top IT Certification study training materials vendor. Many candidates have passed exam with the help of Lead2pass. We offer the latest 210-260 PDF and VCE dumps with new version VCE player for free download, you can pass the exam beyond any doubt.

Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/210-260.html

QUESTION 101
What type of security support is provided by the Open Web Application Security Project?

A.    Education about common Web site vulnerabilities.
B.    A Web site security framework.
C.    A security discussion forum for Web site developers.
D.    Scoring of common vulnerabilities and exposures.

Answer: A

QUESTION 102
What is the FirePOWER impact flag used for?

A.    A value that indicates the potential severity of an attack.
B.    A value that the administrator assigns to each signature.
C.    A value that sets the priority of a signature.
D.    A value that measures the application awareness.

Answer: A

QUESTION 103
Which two services define cloud networks? (Choose two.)

A.    Infrastructure as a Service
B.    Platform as a Service
C.    Compute as a Service
D.    Security as a Service
E.    Tenancy as a Service

Answer: AB

QUESTION 104
In a security context, which action can you take to address compliance?

A.    Implement rules to prevent a vulnerability
B.    Correct or counteract a vulnerability
C.    Reduce the severity of a vulnerability
D.    Follow directions from the security appliance manufacturer to remediate a vulnerability

Answer: A

QUESTION 105
How many times was a read-only string used to attempt a write operation?
 
A.    6
B.    9
C.    4
D.    3
E.    2

Answer: B

QUESTION 106
What can the SMTP preprocessor in a FirePOWER normalize?

A.    It can extract and decode email attachments in client to server traffic
B.    It can look up the email sender
C.    it compares known threats to the email sender
D.    It can forward the SMTP traffic to an email filter server
E.    It uses the Traffic Anomaly Detector

Answer: A

QUESTION 107
You want to allow all of your companies users to access the Internet without allowing other Web servers to collect the IP addresses of individual users.
What two solutions can you use? (Choose two).

A.    Configure a proxy server to hide users local IP addresses
B.    Assign unique IP addresses to all users.
C.    Assign the same IP addresses to all users
D.    Install a Web content filter to hide users local IP addresses
E.    Configure a firewall to use Port Address Translation.

Answer: AE

QUESTION 108
Which two authentication types does OSPF support? (Choose two)

A.    plaintext
B.    MD5
C.    HMAC
D.    AES 256
E.    SHA-1
F.    DES

Answer: AB

QUESTION 109
Refer to the exhibit. The Admin user is unable to enter configuration mode on a device with the given configuration. What change can you make to the configuration to correct the problem?

 

A.    Remove the Auto command keyword and arguments from the Username Admin privilege line
B.    Change the Privilege exec level value to 15
C.    Remove the two Username Admin lines
D.    Remove the Privilege exec line.

Answer: A
Explanation:
The router just executes “show running” and disconnects if set to auto.

QUESTION 110
What command can you use to verify the binding table status?

A.    Show ip dhcp snooping binding
B.    Show ip dhcp snooping database
C.    show ip dhcp snooping statistics
D.    show ip dhcp pool
E.    show ip dhcp source binding
F.    show ip dhcp snooping

Answer: B
Explanation:
“show ip dhcp snooping binding” shows the contents of the binding table, but the summary or overall status is shown by “show ip dhcp snooping database”.

QUESTION 111
If a switch receives a superior BPDU and goes directly into a blocked state, what mecanism must be in use?

A.    Etherchannel guard
B.    root guard
C.    loop guard
D.    BPDU guard

Answer: D
Explanation:
The key here is the word ‘switch’. The entire switch goes into a blocked state, meaning that it can’t participate in STP, it is blocked. Root guard basically puts the port in a listening state rather than forwarding, still allowing the device to participate in STP.

QUESTION 112
What type of packet creates and performs network operations on a network device?

A.    data plane packets
B.    management plane packets
C.    services plane packets
D.    control plane packets

Answer: D

QUESTION 113
Which two statements about stateless firewalls are true? (Choose two.)

A.    They compare the 5-tuple of each incoming packet against configurable rules.
B.    They cannot track connections.
C.    They are designed to work most efficiently with stateless protocols such as HTTP or HTTPS.
D.    Cisco IOS cannot implement them because the platform is stateful by nature.
E.    The Cisco ASA is implicitly stateless because it blocks all traffic by default.

Answer: AB

QUESTION 114
What three actions are limitations when running IPS in promiscuous mode? (Choose three.)

A.    deny attacker
B.    deny packet
C.    modify packet
D.    request block connection
E.    request block host
F.    reset TCP connection

Answer: ABC

QUESTION 115
Which command will configure a Cisco ASA firewall to authenticate users when they enter the enable syntax using the local database with no fallback method?

A.    aaa authentication enable console LOCAL SERVER_GROUP
B.    aaa authentication enable console SERVER_GROUP LOCAL
C.    aaa authentication enable console local
D.    aaa authentication enable console LOCAL

Answer: D

QUESTION 116
Which accounting notices are used to send a failed authentication attempt record to a AAA server? (Choose two.)

A.    start-stop
B.    stop-record
C.    stop-only
D.    stop

Answer: AC

QUESTION 117
If the native VLAN on a trunk is different on each end of the link, what is a potential consequence?

A.    The interface on both switches may shut down
B.    STP loops may occur
C.    The switch with the higher native VLAN may shut down
D.    The interface with the lower native VLAN may shut down

Answer: B

QUESTION 118
Which type of IPS can identify worms that are propagating in a network?

A.    Policy-based IPS
B.    Anomaly-based IPS
C.    Reputation-based IPS
D.    Signature-based IPS

Answer: B

QUESTION 119
By which kind of threat is the victim tricked into entering username and password information at a disguised website?

A.    Spoofing
B.    Malware
C.    Spam
D.    Phishing

Answer: D

QUESTION 120
Which Cisco product can help mitigate web-based attacks within a network?

A.    Adaptive Security Appliance
B.    Web Security Appliance
C.    Email Security Appliance
D.    Identity Services Engine

Answer: B

Lead2pass is the leader in supplying candidates with current and up-to-date training materials for Cisco certification and exam preparation. Comparing with others, our 210-260 exam questions are more authoritative and complete. We offer the latest 210-260 PDF and VCE dumps with new version VCE player for free download, and the new 210-260 dump ensures your exam 100% pass.

210-260 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDRVJLdVdkMjFoQVk

2017 Cisco 210-260 exam dumps (All 265 Q&As) from Lead2pass:

https://www.lead2pass.com/210-260.html [100% Exam Pass Guaranteed]