Cisco 210-260 Dumps For Preparation

CCNA security study guide: exam 210-260 pdf file is compatible with all digital devices. The valid and verified 210-260 PDF ccna security exam questions help you to pass 210-260 CCNA Security exam is just one attempt.

Try it Latest DumpsSchool 210-260 Exam dumps. Buy Full File here: (502 As Dumps)

Download the DumpsSchool 210-260 braindumps from Google Drive: (FREE VERSION!!!)

Question No. 1

Which TACACS+ server-authentication protocols are supported on Cisco ASA firewalls? (Choose three.)

Answer: B, C, E

The ASA supports TACACS+ server authentication with the following protocols: ASCII, PAP, CHAP, and MS- CHAPv1.

Source: aaa_tacacs.pdf

Question No. 2

what causes a client to be placed in a guest or restricted VLAN on an 802.1x enabled network?

Answer: A

Question No. 3

Which three statements describe DHCP spoofing attacks? (Choose three.)

Answer: A, B, C

DHCP spoofing occurs when an attacker attempts to respond to DHCP requests and trying to list themselves (spoofs) as the default gateway or DNS server, hence, initiating a man in the middle attack. With that, it is possible that they can intercept traffic from users before forwarding to the real gateway or perform DoS by flooding the real DHCP server with request to choke ip address resources.


Also when i took the exam, it asked me for only 2 options. AB is correct

Question No. 4

Which of Diffie-Hellman group(s) is/are support(ed) by CISCO VPN Product (Choose all that apply?

Answer: A, B, D, E

Question No. 5

When is “Deny all” policy an exception in Zone Based Firewall

Answer: A

+ There is a default zone, called the self zone, which is a logical zone. For any packets directed to the router directly (the destination IP represents the packet is for the router), the router automatically considers that traffic to be entering the self zone. In addition, any traffic initiated by the router is considered as leaving the self zone.

By default, any traffic to or from the self zone is allowed, but you can change this policy.

+ For the rest of the administrator-created zones, no traffic is allowed between interfaces in different zones.

+ For interfaces that are members of the same zone, all traffic is permitted by default.

Source: Cisco Official Certification Guide, Zones and Why We Need Pairs of Them, p.380

Question No. 6

What are two options for running Cisco SDM? (Choose two)

Answer: B, D

Question No. 7

When a switch has multiple links connected to a downstream switch, what is the first step that STP takes to prevent loops?

Answer: A

First when the switches are powered on all the ports are in Blocking state (20 sec), during this time the + Root Bridge is elected by exchanging BPDUs

+ The other switches will elect their Root ports

+ Every network segment will choosee their Designated port


Question No. 8

What is the primary purpose of a defined rule in an IPS?

Answer: A

210-260 Dumps Google Drive: (Limited Version!!!)

Related Certification: