Implementing Cisco Network Security (IINS)

 

QUESTION 111

Which command causes a Layer 2 switch interface to operate as a Layer 3 interface?

 

A.

no switchport nonnegotiate

B.

switchport

C.

no switchport mode dynamic auto

D.

no switchport

 

Correct Answer: D

 

 

QUESTION 112

Which network device doe
s NTP authenticate?

 

A.

Only the time source

B.

Only the client device

C.

The firewall and the client device

D.

The client device and the time source

 

Correct Answer: A

 

 

QUESTION 113

Which TACACS+ server-authentication protocols are supported on Cisco ASA firewalls? (Choose three.)

 

A.

EAP

B.

ASCII

C.

PAP

D.

PEAP

E.

MS-CHAPv1

F.

MS-CHAPv2

 

Correct Answer: BCE

 

 

QUESTION 114

In which type of attack does the attacker attempt to overload the CAM table on a switch so that the switch acts as a hub?

 

A.

gratuitous ARP

B.

MAC flooding

C.

MAC spoofing

D.

DoS

 

Correct Answer: B

 

 

QUESTION 115

Which protocols use encryption to protect the confidentiality of data transmitted between two parties? (Choose two.)

< p class="MsoNormal" style="cursor: auto; margin: 0cm 0cm 0pt; line-height: normal; text-autospace: ; mso-layout-grid-align: none" align="left"> 

A.

FTP

B.

SSH

C.

Telnet

D.

AAA

E.

HTTPS

F.

HTTP

 

Correct Answer: BE< /span>

 

 

QUESTION 116

Your security team has discovered a malicious program that has been harvesting the CEO’s email messages and the company’s user database for the last 6 months. What type of attack did your team discover?

 

A.

social activism

B.

drive-by spyware

C.

targeted malware

D.

advance persistent threat

 

Correct Answer: D

 

 

QUESTION 117

What are the primary attack methods of VLAN hopping? (Choose two.)

 

A.

VoIP hopping

B.

Switch spoofing

C.

CAM-table overflow

D.

Double tagging

 

Correct Answer: BD

 

 

QUESTION 118

Which Cisco product can help mitigate web-based attacks within a network?

 

A.

Adaptive Security Appliance

B.

Web Security Appliance

C.

Email Security Appliance

D.

Identity Services Engine

 

Correct Answer: B

 

 

QUESTION 119

Which technology can be used to rate data fidelity and to provide an authenticated hash for data?

 

A.

Network blocking

B.

signature updates

C.

file analysis

D.

file reputation

 

Correct Answer: D

 

 

QUESTION 120

What is a valid implicit permit rule for traffic that is traversing the ASA firewall?

 

A.

Unicast IPv6 traffic from a higher security interface to a lower security interface is permitted in transparent mode only.

B.

Only BPDUs from a higher security interface to a lower security interface are permitted in routed mode.

C.

ARPs in both directions are permitted in transparent mode only.

D.

Unicast IPv4 traffic from a higher security interface to a lower security interface is permitted in routed mode only.

E.

Only BPDUs from a higher security interface to a lower security interface are permitted in transparent mode.

 

Correct Answer: C

 

Free VCE & PDF File for Cisco 210-260 Practice Test

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …