210-260 Implementing Cisco Network Security

Page 1   
Question 1

By which kind of threat is the victim tricked into entering username and password
information at a disguised website?

  • A. Spoofing
  • B. Malware
  • C. Spam
  • D. Phishing

Answer : D

Question 2

SYN flood attack is a form of ?

  • A. Denial of Service attack
  • B. Man in the middle attack
  • C. Spoofing attack

Answer : A

Question 3

What data is transferred during DH for making public and private key?

  • A. Random prime Integer
  • B. Encrypted data transfer
  • C. Diffie-Hellman

Answer : A

Question 4

Which type of secure connectivity does an extranet provide?

  • A. other company networks to your company network
  • B. remote branch offices to your company network
  • C. your company network to the Internet
  • D. new networks to your company network

Answer : A

Question 5

What feature defines a campus area network?

  • A. It has a single geographic location.
  • B. It has limited or restricted Internet access.
  • C. It has a limited number of segments.
  • D. it lacks external connectivity.

Answer : A

Question 6

Which command is needed to enable SSH support on a Cisco Router?

  • A. crypto key lock rsa
  • B. crypto key generate rsa
  • C. crypto key zeroize rsa
  • D. crypto key unlock rsa

Answer : B

Question 7

Which technology can be used to rate data fidelity and to provide an authenticated hash for

  • A. file reputation
  • B. file analysis
  • C. signature updates
  • D. network blocking

Answer : A

Question 8

Refer to the below.

Which statement about this debug output is true?

  • A. The requesting authentication request came from username GETUSER.
  • B. The TACACS+ authentication request came from a valid user.
  • C. The TACACS+ authentication request passed, but for some reason the user's connection was closed immediately.
  • D. The initiating connection request was being spoofed by a different source address.

Answer : B

Explanation: http://www.cisco.com/en/US/docs/ios/12_2/debug/command/reference/dbfser.html debug tacacs To display information associated with the TACACS, use the debug tacacs privileged EXEC command. The no form of this command disables debugging output. debug tacacs no debug tacacs The following is sample output from the debug tacacs command for a TACACS login attempt that was successful, as indicated by the status PASS: Router# debug tacacs 14:00:09: TAC+: Opening TCP/IP connection to using source 14:00:09: TAC+: Sending TCP/IP packet number 383258052-1 to (AUTHEN/START) 14:00:09: TAC+: Receiving TCP/IP packet number 383258052-2 from 14:00:09: TAC+ (383258052): received authen response status = GETUSER 14:00:10: TAC+: send AUTHEN/CONT packet 14:00:10: TAC+: Sending TCP/IP packet number 383258052-3 to (AUTHEN/CONT) 14:00:10: TAC+: Receiving TCP/IP packet number 383258052-4 from 14:00:10: TAC+ (383258052): received authen response status = GETPASS 14:00:14: TAC+: send AUTHEN/CONT packet 14:00:14: TAC+: Sending TCP/IP packet number 383258052-5 to (AUTHEN/CONT) 14:00:14: TAC+: Receiving TCP/IP packet number 383258052-6 from 14:00:14: TAC+ (383258052): received authen response status = PASS 14:00:14: TAC+: Closing TCP/IP connection to

Question 9

Which type of IPS can identify worms that are propagating in a network?

  • A. Policy-based IPS
  • B. Anomaly-based IPS
  • C. Reputation-based IPS
  • D. Signature-based IPS

Answer : B

Question 10

Which protocol provides security to Secure Copy?

  • A. IPsec
  • B. SSH
  • C. HTTPS
  • D. ESP

Answer : B

Question 11

Which command initializes a lawful intercept view?

  • A. username cisco1 view lawful-intercept password cisco
  • B. parser view cisco li-view
  • C. li-view cisco user cisco1 password cisco
  • D. parser view li-view inclusive

Answer : C

Question 12

Which firewall configuration must you perform to allow traffic to flow in both directions
between two zones?

  • A. You must configure two zone pairs, one for each direction.
  • B. You can configure a single zone pair that allows bidirectional traffic flows for any zone.
  • C. You can configure a single zone pair that allows bidirectional traffic flows for any zone except the self zone.
  • D. You can configure a single zone pair that allows bidirectional traffic flows only if the source zone is the less secure zone.

Answer : A

Question 13

Which type of PVLAN port allows communication from all port types?

  • A. isolated
  • B. community
  • C. in-line
  • D. promiscuous

Answer : D

Question 14

You have implemented a Sourcefire IPS and configured it to block certain addresses
utilizing Security Intelligence IP Address Reputation. A user calls and is not able to access
a certain IP address. What action can you take to allow the user access to the IP address?

  • A. Create a whitelist and add the appropriate IP address to allow the traffic.
  • B. Create a custom blacklist to allow the traffic.
  • C. Create a user based access control rule to allow the traffic.
  • D. Create a network based access control rule to allow the traffic.
  • E. Create a rule to bypass inspection to allow the traffic.

Answer : A

Question 15

In this simulation, you have access to ASDM only. Review the various ASA configurations
using ASDM then answer the five multiple choice questions about the ASA SSLVPN
To access ASDM, click the ASA icon in the topology diagram.
Note: Not all ASDM functionalities are enabled in this simulation.
To see all the menu options available on the left navigation pane, you may also need to un-
expand the expanded menu first.


  • A. test
  • B. clientless
  • C. Sales
  • D. DfltGrpPolicy
  • E. DefaultRAGroup
  • F. DefaultWEBVPNGroup

Answer : C

Explanation: First navigate to the Connection Profiles tab as shown below, highlight the one with the test alias:

Then hit the edit button and you can clearly see the Sales Group Policy being applied.

Page 1