P.S. Certified 210-260 item pool are available on Google Drive, GET MORE: https://drive.google.com/open?id=1vkyWuCceSS4_Yw83isWjMHMxw-tsQUcW
New Cisco 210-260 Exam Dumps Collection (Question 3 - Question 12)
Question No: 3
How to verify that TACACS+ connectivity to a device?
A. You successfully log in to the device by using the local credentials.
B. You connect to the device using SSH and receive the login prompt.
C. You successfully log in to the device by using ACS credentials.
D. You connect via console port and receive the login prompt.
Answer: B
Question No: 4
CORRECT TEXT
Scenario
Given the new additional connectivity requirements and the topology diagram, use ASDM to accomplish the required ASA configurations to meet the requirements.
New additional connectivity requirements:
Once the correct ASA configurations have been configured: To access ASDM, click the ASA icon in the topology diagram.
To access the Firefox Browser on the Outside PC, click the Outside PC icon in the topology diagram.
To access the Command prompt on the Inside PC, click the Inside PC icon in the topology diagram.
Note:
After you make the configuration changes in ASDM, remember to click Apply to apply the configuration changes.
Not all ASDM screens are enabled in this simulation, if some screen is not enabled, try to use different methods to configure the ASA to meet the requirements.
In this simulation, some of the ASDM screens may not look and function exactly like the real ASDM.
Answer:
Follow the explanation part to get answer on this sim question.
Explanation:
First, for the HTTP access we need to creat a NAT object. Here I called it HTTP but it can be given any name.
Then, create the firewall rules to allow the HTTP access:
You can verify using the outside PC to HTTP into 209.165.201.30.
For step two, to be able to ping hosts on the outside, we edit the last service policy shown below:
And then check the ICMP box only as shown below, then hit Apply.
After that is done, we can pingwww.cisco.comagain to verify:
Question No: 5
Scenario
In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN configurations.
To access ASDM, click the ASA icon in the topology diagram. Note: Not all ASDM functionalities are enabled in this simulation.
To see all the menu options available on the left navigation pane, you may also need to un- expand the expanded menu first.
Which two statements regarding the ASA VPN configurations are correct? (Choose two)
A. The ASA has a certificate issued by an external Certificate Authority associated to the ASDM_TrustPoint1.
B. The DefaultWEBVPNGroup Connection Profile is using the AAA with RADIUS server method.
C. The Inside-SRV bookmark references thehttps://192.168.1.2URL
D. Only Clientless SSL VPN access is allowed with the Sales group policy
E. AnyConnect, IPSec IKEv1, and IPSec IKEv2 VPN access is enabled on the outside
interface
F. The Inside-SRV bookmark has not been applied to the Sales group policy
Answer: B,C
Explanation:
For B:
For C, Navigate to the Bookmarks tab:
Then hit u201ceditu201d and you will see this:
Not A, as this is listed under the Identity Certificates, not the CA certificates:
Note E:
Question No: 6
With which technology do apply integrity, confidentially and authenticate the source
A. IPSec
B. IKE
C. Certificate authority
D. Data encryption standards
Answer: A
Question No: 7
Which four tasks are required when you configure Cisco IOS IPS using the Cisco Configuration Professional IPS wizard? (Choose four.)
A. Select the interface(s) to apply the IPS rule.
B. Select the traffic flow direction that should be applied by the IPS rule.
C. Add or remove IPS alerts actions based on the risk rating.
D. Specify the signature file and the Cisco public key.
E. Select the IPS bypass mode (fail-open or fail-close).
F. Specify the configuration location and select the category of signatures to be applied to the selected interface(s).
Answer: A,B,D,F
Explanation:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/prod_white_paper0900aecd8066d265.html
Step 11. At the `Select Interfaces' screen, select the interface and the direction that IOS IPS will be applied to, then click `Next' to continue.
Step 12. At the `IPS Policies Wizard' screen, in the `Signature File' section, select the first radio button "Specify the signature file you want to use with IOS IPS", then click the "..." button to bring up a dialog box to specify the location of the signature package file, which will be the directory specified in Step 6. In this example, we use tftp to download the signature package to the router.
Step 13. In the `Configure Public Key' section, enter `realm-cisco.pub' in the `Name' text field, then copy and paste the following public key's key-string in the `Key' text field. This public key can be downloaded from
Cisco.com at: http://www.cisco.com/pcgi-bin/tablebuild.pl/ios-v5sigup. Click `Next' to continue.
30820122 300D0609 2A864886 F70D0101 01050003 82010F00 3082010A 02820101
00C19E93 A8AF124A D6CC7A24 5097A975 206BE3A2 06FBA13F 6F12CB5B 4E441F16
17E630D5 C02AC252 912BE27F 37FDD9C8 11FC7AF7 DCDD81D9 43CDABC3
6007D128
B199ABCB D34ED0F9 085FADC1 359C189E F30AF10A C0EFB624 7E0764BF 3E53053E
5B2146A9 D7A5EDE3 0298AF03 DED7A5B8 9479039D 20F30663 9AC64B93 C0112A35 FE3F0C87 89BCB7BB 994AE74C FA9E481D F65875D6 85EAF974 6D9CC8E3 F0B08B85
50437722 FFBE85B9 5E4189FF CC189CB9 69C46F9C A84DFBA5 7A0AF99E AD768C36
006CF498 079F88F8 A3B3FB1F 9FB7B3CB 5539E1D1 9693CCBB 551F78D2 892356AE
2F56D826 8918EF3C 80CA4F4D 87BFCA3B BFF668E9 689782A5 CF31CB6E B4B094D3
F3020301 0001
Question No: 8
Which option is a weakness in an information system that an attacker might leverage to gain unauthorized access to the system or its data?
A. hack
B. mitigation
C. risk
D. vulnerability
E. exploit
Answer: D
Explanation: vulnerability A flaw or weakness in a systemu2021s design or implementation that could be exploited.
Question No: 9
What are two ways to prevent eavesdropping when you perform device-management tasks? (Choose two.)
A. Use an SSH connection.
B. Use SNMPv3.
C. Use out-of-band management.
D. Use SNMPv2.
E. Use in-band management.
Answer: A,B
Question No: 10
Which type of attack is directed against the network directly:
A. Denial of Service
B. phishing
C. trojan horse
Answer: A
Question No: 11
Which wildcard mask is associated with a subnet mask of /27?
A. 0.0.0.31
B. 0.0.027
C. 0.0.0.224
D. 0.0.0.255
Answer: A
Question No: 12
How does PEAP protect the EAP exchange?
A. It encrypts the exchange using the server certificate.
B. It encrypts the exchange using the client certificate.
C. It validates the server-supplied certificate, and then encrypts the exchange using the client certificate.
D. It validates the client-supplied certificate, and then encrypts the exchange using the server certificate.
Answer: A
Recommend!! Get the Certified 210-260 dumps in VCE and PDF From Examcollection, Welcome to download: http://www.examcollectionuk.com/210-260-vce-download.html (New 387 Q&As Version)