P.S. Top Quality 210-260 bootcamp are available on Google Drive, GET MORE: https://drive.google.com/open?id=18pZ7Xebg0YZOwsiIMF0baJMeHvQ2WdFK
New Cisco 210-260 Exam Dumps Collection (Question 6 - Question 15)
Question No: 6
Which option describes information that must be considered when you apply an access list to a physical interface?
A. Protocol used for filtering
B. Direction of the access class
C. Direction of the access group
D. Direction of the access list
Answer: C
Question No: 7
In which two situations should you use in-band management? (Choose two.)
A. when management applications need concurrent access to the device
B. when you require administrator access from multiple locations
C. when a network device fails to forward packets
D. when you require ROMMON access
E. when the control plane fails to respond
Answer: A,B
Question No: 8
In a security context, which action can you take to address compliance?
A. Implement rules to prevent a vulnerability.
B. Correct or counteract a vulnerability.
C. Reduce the severity of a vulnerability.
D. Follow directions from the security appliance manufacturer to remediate a vulnerability.
Answer: A
Question No: 9
Which sensor mode can deny attackers inline?
A. IPS
B. fail-close
C. IDS
D. fail-open
Answer: A
Question No: 10
Which two characteristics apply to an Intrusion Prevention System (IPS) ? Choose two
A. Does not add delay to the original traffic.
B. Cabled directly inline with the flow of the network traffic.
C. Can drop traffic based on a set of rules.
D. Runs in promoscous mode.
E. Cannot drop the packet on its own
Answer: B,C
Explanation: + Position in the network flow: Directly inline with the flow of network traffic and every packet goes through the sensor on its way through the network.
+ Mode: Inline mode
+ The IPS can drop the packet on its own because it is inline. The IPS can also request assistance from
another device to block future packets just as the IDS does.
Source: Cisco Official Certification Guide, Table 17-2 IDS Versus IPS, p.461
Question No: 11
Which of the following statements about access lists are true? (Choose three.)
A. Extended access lists should be placed as near as possible to the destination
B. Extended access lists should be placed as near as possible to the source
C. Standard access lists should be placed as near as possible to the destination
D. Standard access lists should be placed as near as possible to the source
E. Standard access lists filter on the source address
F. Standard access lists filter on the destination address
Answer: B,C,E
Question No: 12
Which type of PVLAN port allows a host in the same VLAN to communicate only with promiscuous hosts?
A. Community host in the PVLAN
B. Isolated host in the PVLAN
C. Promiscuous host in the PVLAN
D. Span for host in the PVLAN
Answer: B
Question No: 13
Refer to the exhibit.
For which reason is the tunnel unable to pass traffic?
A. UDP port 500 is blocked.
B. The IP address of the remote peer is incorrect.
C. The tunnel is failing to receive traffic from the remote peer.
D. The local peer is unable to encrypt the traffic.
Answer: C
Question No: 14
Refer to the below.
Which statement about this debug output is true?
A. The requesting authentication request came from username GETUSER.
B. The TACACS+ authentication request came from a valid user.
C. The TACACS+ authentication request passed, but for some reason the user's connection was closed immediately.
D. The initiating connection request was being spoofed by a different source address.
Answer: B
Explanation:
http://www.cisco.com/en/US/docs/ios/12_2/debug/command/reference/dbfser.html debug tacacs
To display information associated with the TACACS, use the debug tacacs privileged EXEC command. The no form of this command disables debugging output.
debug tacacs
no debug tacacs
The following is sample output from the debug tacacs command for a TACACS login attempt that was successful, as indicated by the status PASS:
Router# debug tacacs
14:00:09: TAC+: Opening TCP/IP connection to 192.168.60.15 using source 10.116.0.79 14:00:09: TAC+: Sending TCP/IP packet number 383258052-1 to 192.168.60.15
(AUTHEN/START)
14:00:09: TAC+: Receiving TCP/IP packet number 383258052-2 from 192.168.60.15 14:00:09: TAC+ (383258052): received authen response status = GETUSER 14:00:10: TAC+: send AUTHEN/CONT packet
14:00:10: TAC+: Sending TCP/IP packet number 383258052-3 to 192.168.60.15 (AUTHEN/CONT)
14:00:10: TAC+: Receiving TCP/IP packet number 383258052-4 from 192.168.60.15 14:00:10: TAC+ (383258052): received authen response status = GETPASS 14:00:14: TAC+: send AUTHEN/CONT packet
14:00:14: TAC+: Sending TCP/IP packet number 383258052-5 to 192.168.60.15 (AUTHEN/CONT)
14:00:14: TAC+: Receiving TCP/IP packet number 383258052-6 from 192.168.60.15 14:00:14: TAC+ (383258052): received authen response status = PASS
14:00:14: TAC+: Closing TCP/IP connection to 192.168.60.15
Question No: 15
When an administrator initiates a device wipe command from the ISE, what is the immediate effect?
A. It requests the administrator to choose between erasing all device data or only managed corporate data.
B. It requests the administrator to enter the device PIN or password before proceeding with the operation.
C. It notifies the device user and proceeds with the erase operation.
D. It immediately erases all data on the device.
Answer: A
100% Refresh Cisco 210-260 Questions & Answers shared by Surepassexam, Get HERE: https://www.surepassexam.com/210-260-exam-dumps.html (New 387 Q&As)