210-260 Exam Questions Answers
Valid4sure 210-260 VCE Practice Test
New Updated 210-260 Exam Questions from
valid4sure 210-260 PDF dumps! Welcome to
download the newest valid4sure 210-260 VCE dumps: (310 Q&As)
- Cisco Network Security certification exam
Keywords: 210-260
exam dumps, 210-260 exam questions, 210-260 VCE dumps, 210-260 PDF
dumps, 210-260 practice tests, 210-260 study guide, 210-260
braindumps,
210-260 Practice
Test Questions Answers – 210-260 braindump
QUESTION
NO: 21
What
type of algorithm uses the same key to encrypt and decrypt data?
A.
a symmetric algorithm
B.
an asymmetric algorithm
C.
a Public Key Infrastructure algorithm
D.
an IP security algorithm
Answer:
A
QUESTION
NO: 22
How
many times was a read-only string used to attempt a write operation?
A.
9
B.
6
C.
4
D.
3
E.
2
Answer:
A
QUESTION
NO: 23
Which
statement about the device time is true?
A.
The time is authoritative, but the NTP process has lost contact with its
servers.
B.
The time is authoritative because the clock is in sync.
C.
The clock is out of sync.
D.
NTP is configured incorrectly.
E.
The time is not authoritative.
Answer:
A
QUESTION
NO: 24
How
does the Cisco ASA use Active Directory to authorize VPN users?
A.
It queries the Active Directory server for a specific attribute for the
specified user.
B.
It sends the username and password to retrieve an ACCEPT or REJECT message from
the Active Directory server.
C.
It downloads and stores the Active Directory database to query for future
authorization requests.
D.
It redirects requests to the Active Directory server defined for the VPN group.
Answer:
A
QUESTION
NO: 25
Which
statement about Cisco ACS authentication and authorization is true?
A.
ACS servers can be clustered to provide scalability.
B.
ACS can query multiple Active Directory domains.
C.
ACS uses TACACS to proxy other authentication servers.
D.
ACS can use only one authorization profile to allow or deny requests.
Answer:
A
QUESTION
NO: 26
If
a supplicant supplies incorrect credentials for all authentication methods
configured on the switch, how will the switch respond?
A.
The supplicant will fail to advance beyond the webauth method.
B.
The switch will cycle through the configured authentication methods
indefinitely.
C.
The authentication attempt will time out and the switch will place the port
into the unauthorized state.
D.
The authentication attempt will time out and the switch will place the port
into VLAN 101.
Answer:
A
QUESTION
NO: 27
Which
EAP method uses Protected Access Credentials?
A.
EAP-FAST
B.
EAP-TLS
C.
EAP-PEAP
D.
EAP-GTC
Answer:
A
QUESTION
NO: 28
What
is one requirement for locking a wired or wireless device from ISE?
A.
The ISE agent must be installed on the device.
B.
The device must be connected to the network when the lock command is executed.
C.
The user must approve the locking action.
D.
The organization must implement an acceptable use policy allowing device
locking.
Answer:
A
QUESTION
NO: 29
What
VPN feature allows traffic to exit the security appliance through the same
interface it entered?
A.
hairpinning
B.
NAT
C.
NAT traversal
D.
split tunneling
Answer:
A
QUESTION
NO: 30
What
VPN feature allows Internet traffic and local LAN/WAN traffic to use the same
network connection?
A.
split tunneling
B.
hairpinning
C.
tunnel mode
D.
transparent mode
Answer:
A
Comments
Post a Comment