Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 July Cisco Official New Released 210-260
100% Free Download! 100% Pass Guaranteed!
Implementing Cisco Network Security
Question No: 171
Which two features of Cisco Web Reputation tracking can mitigate web-based threats? (Choose Two)
-
outbreak filter
-
buffer overflow filter
-
bayesian filter
-
web reputation filter
-
exploit filtering
Answer: A,D
Explanation: Cisco IronPort Outbreak Filters provide a critical first layer of defense against new outbreaks. With this proven preventive solution, protection begins hours before signatures used by traditional antivirus solutions are in place. Real-world results show an average 14-hour lead time over reactive antivirus solutions.
SenderBase, the world#39;s largest email and web traffic monitoring network, provides real- time protection. The Cisco IronPort SenderBase Network captures data from over 120,000 contributing organizations around the world.
Source: http://www.cisco.com/c/en/us/products/security/email-security- appliance/outbreak_filters_index.html
Question No: 172
Which three ESP fields can be encrypted during transmission? (Choose three.)
-
Security Parameter Index
-
Sequence Number
-
MAC Address
-
Padding
-
Pad Length
-
Next Header
Answer: D,E,F
Question No: 173
What security feature allows a private IP address to access the Internet by translating it to a public address?
-
NAT
-
hairpinning
-
Trusted Network Detection
-
Certification Authority
Answer: A
Question No: 174
How many crypto map sets can you apply to a router interface?
-
3
-
2
-
4
-
1
Answer: D
Question No: 175
What type of algorithm uses the same key to encrypt and decrypt data?
-
a symmetric algorithm
-
an asymmetric algorithm
-
a Public Key Infrastructure algorithm
-
an IP security algorithm
Answer: A
Question No: 176
Within an 802.1X enabled network with the Auth Fail feature configured, when does a switch port get placed into a restricted VLAN?
-
When 802.1X is not globally enabled on the Cisco catalyst switch
-
When AAA new-model is enabled
-
When a connected client fails to authenticate after a certain number of attempts
-
If a connected client does not support 802.1X
-
After a connected client exceeds a specific idle time
Answer: C
Question No: 177
What is the best way to confirm that AAA authentication is working properly?
-
Use the test aaa command.
-
Ping the NAS to confirm connectivity.
-
Use the Cisco-recommended configuration for AAA authentication.
-
Log into and out of the router, and then check the NAS authentication log.
Answer: A
Question No: 178
Which statements about reflexive access lists are true? (Choose three.)
-
Reflexive access lists create a permanent ACE
-
Reflexive access lists approximate session filtering using the established keyword
-
Reflexive access lists can be attached to standard named IP ACLs
-
Reflexive access lists support UDP sessions
-
Reflexive access lists can be attached to extended named IP ACLs
-
Reflexive access lists support TCP sessions
Answer: D,E,F
Question No: 179
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?
-
file reputation
-
file analysis
-
signature updates
-
network blocking
Answer: A
Question No: 180
Which IPS mode provides the maximum number of actions?
-
inline
-
promiscuous
-
span
-
failover
-
bypass
Answer: A
100% Dumps4cert Free Download!
–Download Free Demo:210-260 Demo PDF
100% Dumps4cert Pass Guaranteed!
–210-260 Dumps
Dumps4cert | ExamCollection | Testking | |
---|---|---|---|
Lowest Price Guarantee | Yes | No | No |
Up-to-Dated | Yes | No | No |
Real Questions | Yes | No | No |
Explanation | Yes | No | No |
PDF VCE | Yes | No | No |
Free VCE Simulator | Yes | No | No |
Instant Download | Yes | No | No |