P.S. Top Quality 210-260 bible are available on Google Drive, GET MORE: https://drive.google.com/open?id=1Kl4PFWi2xwwT55i2I8OXlDu8m47EY9P5
New Cisco 210-260 Exam Dumps Collection (Question 4 - Question 13)
Question No: 4
What are the three layers of a hierarchical network design? (Choose three.)
A. access
B. core
C. distribution
D. user
E. server
F. Internet
Answer: A,B,C
Question No: 5
How does a zone-based firewall implementation handle traffic between interfaces in the same zone?
A. Traffic between two interfaces in the same zone is allowed by default.
B. Traffic between interfaces in the same zone is blocked unless you configure the same- security permit command.
C. Traffic between interfaces in the same zone is always blocked.
D. Traffic between interfaces in the same zone is blocked unless you apply a service policy to the zone pair.
Answer: A
Question No: 6
Which type of PVLAN port allows communication from all port types?
A. isolated
B. community
C. in-line
D. promiscuous
Answer: D
Question No: 7
Refer to the exhibit.
Which statement about this output is true?
A. The user logged into the router with the incorrect username and password.
B. The login failed because there was no default enable password.
C. The login failed because the password entered was incorrect.
D. The user logged in and was given privilege level 15.
Answer: C
Explanation:
http://www.cisco.com/en/US/docs/ios/12_2/debug/command/reference/dbfaaa.html debug aaa authentication
To display information on AAA/Terminal Access Controller Access Control System Plus (TACACS+) authentication, use the debug aaa authentication privileged EXEC command.
To disable debugging command, use the no form of the command. debug aaa authentication
no debug aaa authentication
The following is sample output from the debug aaa authentication command. A single EXEC login that uses the "default" method list and the first method, TACACS+, is displayed. The TACACS+ server sends a GETUSER request to prompt for the username and then a GETPASS request to prompt for the password, and finally a PASS response to indicate a successful login. The number 50996740 is the session ID, which is unique for each authentication. Use this ID number to distinguish between different authentications if several are occurring concurrently.
Router# debug aaa authentication
6:50:12: AAA/AUTHEN: create_user user='' ruser='' port='tty19' rem_addr='172.31.60.15' authen_type=1 service=1 priv=1
6:50:12: AAA/AUTHEN/START (0): port='tty19' list='' action=LOGIN service=LOGIN 6:50:12: AAA/AUTHEN/START (0): using "default" list
6:50:12: AAA/AUTHEN/START (50996740): Method=TACACS+
6:50:12: TAC+ (50996740): received authen response status = GETUSER 6:50:12: AAA/AUTHEN (50996740): status = GETUSER
6:50:15: AAA/AUTHEN/CONT (50996740): continue_login
6:50:15: AAA/AUTHEN (50996740): status = GETUSER
6:50:15: AAA/AUTHEN (50996740): Method=TACACS+
6:50:15: TAC+: send AUTHEN/CONT packet
6:50:15: TAC+ (50996740): received authen response status = GETPASS 6:50:15: AAA/AUTHEN (50996740): status = GETPASS
6:50:20: AAA/AUTHEN/CONT (50996740): continue_login
6:50:20: AAA/AUTHEN (50996740): status = GETPASS
6:50:20: AAA/AUTHEN (50996740): Method=TACACS+
6:50:20: TAC+: send AUTHEN/CONT packet
6:50:20: TAC+ (50996740): received authen response status = PASS 6:50:20: AAA/AUTHEN (50996740): status = PASS
Question No: 8
Which two features of Cisco Web Reputation tracking can mitigate web-based threats? (Choose Two)
A. outbreak filter
B. buffer overflow filter
C. bayesian filter
D. web reputation filter
E. exploit filtering
Answer: A,D
Explanation:
Cisco IronPort Outbreak Filters provide a critical first layer of defense against new outbreaks. With this proven preventive solution, protection begins hours before signatures
used by traditional antivirus solutions are in place. Real-world results show an average 14- hour lead time over reactive antivirus solutions.
SenderBase, the world's largest email and web traffic monitoring network, provides real- time protection. The Cisco IronPort SenderBase Network captures data from over 120,000 contributing organizations around the world.
Source: http://www.cisco.com/c/en/us/products/security/email-security-appliance/outbreak_filters_index.html
Question No: 9
Which feature of the Cisco Email Security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attacks?
A. contextual analysis
B. holistic understanding of threats
C. graymail management and filtering
D. signature-based IPS
Answer: A
Question No: 10
An attacker installs a rogue switch that sends superior BPDUs on your network. What is a possible result of this activity?
A. The switch could offer fake DHCP addresses.
B. The switch could become the root bridge.
C. The switch could be allowed to join the VTP domain.
D. The switch could become a transparent bridge.
Answer: B
Question No: 11
Which two characteristics of an application layer firewall are true? (Choose two)
A. provides protection for multiple applications
B. is immune to URL manipulation
C. provides reverse proxy services
D. provides stateful firewall functionality
E. has low processor usage
Answer: A,C
Question No: 12
Which option is a key security component of an MDM deployment?
A. using MS-CHAPv2 as the primary EAP method.
B. using self-signed certificates to validate the server.
C. using network-specific installer packages
D. using an application tunnel by default.
Answer: B
Question No: 13
Which two devices are components of the BYOD architectural framework?
A. Prime Infrastructure
B. Nexus 7010 Switch
C. Cisco 3945 Router
D. Wireless Access Points
E. Identity Services Engine
Answer: A,E
100% Refresh Cisco 210-260 Questions & Answers shared by Certifytools, Get HERE: https://www.certifytools.com/210-260-exam.html (New 387 Q&As)