P.S. Precise 210-260 forum are available on Google Drive, GET MORE: https://drive.google.com/open?id=1Kl4PFWi2xwwT55i2I8OXlDu8m47EY9P5
New Cisco 210-260 Exam Dumps Collection (Question 5 - Question 14)
Q1. Which IPS mode is less secure than other options but allows optimal network throughput?
A. Promiscuous mode
B. inline mode
C. transparent mode
D. inline-bypass mode
Answer: A
Explanation: The recommended IPS deployment mode depends on the goals and policies of the enterprise. IPS inline mode is more secure because of its ability to stop malicious traffic in real-time, however it may impact traffic throughput if not properly designed or sized. Conversely, IPS promiscuous mode has less impact on traffic throughput but is less secure because there may be a delay in reacting to the malicious traffic. https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/SAFE_RG/safesmallen tnetworks.html
Q2. What port option in a PVLAN that can communicate with every other portsu2026
A. promiscous
Answer: A
Q3. Which statement about communication over failover interfaces is true?
A. All information that is sent over the failover and stateful failover interfaces is sent as clear text by default.
B. All information that is sent over the failover interface is sent as clear text, but the stateful failover link is encrypted by default.
C. All information that is sent over the failover and stateful failover interfaces is encrypted by default.
D. User names, passwords, and preshared keys are encrypted by default when they are sent over the failover and stateful failover interfaces, but other information is sent as clear text.
Answer: A
Q4. Which components does HMAC use to determine the authenticity and integrity of a message? (Choose two.)
A. The password
B. The hash
C. The key
D. The transform set
Answer: B,C
Q5. What do you use when you have a network object or group and want to use an IP address?
A. Static NAT
B. Dynamic NAT
C. identity NAT
D. Static PAT
Answer: B
Q6. Within an 802.1X enabled network with the Auth Fail feature configured, when does a switch port get placed into a restricted VLAN?
A. When 802.1X is not globally enabled on the Cisco catalyst switch
B. When AAA new-model is enabled
C. When a connected client fails to authenticate after a certain number of attempts
D. If a connected client does not support 802.1X
E. After a connected client exceeds a specific idle time
Answer: C
Q7. By default, how does a zone-based firewall handle traffic to and from the self zone?
A. It permits all traffic without inspection.
B. It inspects all traffic to determine how it is handled.
C. it permits all traffic after inspection
D. it drops all traffic.
Answer: C
Q8. What is the purpose of the Integrity component of the CIA triad?
A. to ensure that only authorized parties can modify data
B. to determine whether data is relevant
C. to create a process for accessing data
D. to ensure that only authorized parties can view data
Answer: A
Q9. Which network device does NTP authenticate?
A. Only the time source
B. Only the client device
C. The firewall and the client device
D. The client device and the time source
Answer: A
Q10. Which quantifiable item should you consider when your organization adopts new technologies?
A. threats
B. vulnerability
C. risk
D. exploits
Answer: C
100% Down to date Cisco 210-260 Questions & Answers shared by Examcollectionplus, Get HERE: https://www.examcollectionplus.net/vce-210-260/ (New 310 Q&As)