Ensurepass

Implementing Cisco Network Security (IINS)

 

QUESTION 71

What is the default timeout interval during which a router waits for responses from a TACACS server before declaring a timeout failure?

 

A.

5 seconds

B.

10 seconds

C.

15 seconds

D.

20 seconds

 

Correct Answer: A

 

 

QUESTION 72

How does PEAP protect the EAP exchange?

 

A.

It encrypts the exchange using the client certificate.

B.

It validates the server-supplied certificate and then encrypts the exchange using the client certificate.

C.

It encrypts the exchange using the server certificate.

D.

It validates the client-supplied certificate and then encrypts the exchange using the server certificate.

 

Correct Answer: C

 

 

QUESTION 73

Which address block is reserved for locally assigned unique local addresses?

 

A.

2002::/16

B.

FD00::/8

C.

2001::/32

D.

FB00::/8

 

Correct Answer: B

 

 

QUESTION 74

In which two situations should you use in-band management? (Choose two)

 

A.

When you require administrators access from multiple locations

B.

When you require ROMMON access

C.

When the control plane fails to respond

D.

When a network device fails to forward packets

E.

When Management applications need concurrent access to the device

 

Correct Answer: AE

 

 

QUESTION 75

What hash type does Cisco use to validate the integrity of downloaded images?

 

A.

Sha1

B.

Sha2

C.

Md5

D.

Md1

 

Correct Answer: C

 

 

QUESTION 76

Which statement about the communication between interfaces on the same security level is true?

 

A.

All Traffic is allowed by default between interfaces on the same security level.

B.

Interface on the same security level require additional configuration to permit inter-interface communication.

C.

Configuring interface on the same security level can cause asymmetric routing.

D.

You can configure only one interface on an individual security level.

 

Correct Answer: B

 

 

QUESTION 77

What configuration allows AnyConnect to authenticate automatically establish a VPN session when a user logs in to the computer?

 

A.

proxy

B.

Trusted Network Detection

C.

transparent mode

D.

always-on

 

Correct Answer: D

 

 

QUESTION 78

Which type of IPS can identify worms that are propagating in a network?

 

A.

Policy-based IPS

B.

Anomaly-based IPS

C.

Reputation-based IPS

D.

Signature-based IPS

 

Correct Answer: B

 

 

QUESTION 79

Which of the following are features of IPsec transport mode? (Choose three.)

 

A.

IPsec transport mode is used between end stations

B.

IPsec transport mode is used between gateways

C.

IPsec transport mode supports multicast

D.

IPsec transport mode supports unicast

E.

IPsec transport mode encrypts only the payload

F.

IPsec transport mode encrypts the entire packet

 

Correct Answer: ADE

 

QUESTION 80

Which firewall configuration must you perform to allow traffic to flow in both directions between two zones?

 

A.

You can configure a single zone pair that allows bidirectional traffic flows from for any zone except the self-zone.

B.

You must configure two zone pair, one for each direction.

C.

You can configure a single zone pair that allows bidirectional traffic flows for any zone.

D.

You can configure a single zone pair that allows bidirectional traffic flows only if the source zone is the less secure zone.

 

Correct Answer: B

 

Free VCE & PDF File for Cisco 210-260 Practice Test

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …