[210-260 New VCE]Braindump2go 210-260 Questions and Answers Free Download[61-70]

(2017 June)Cisco 210-260 Exam Dumps with PDF and VCE New Updated in www.Braindump2go.com  Today!
100% Real Exam Questions! 100% Exam Pass Guaranteed!

1.|2017 Version New 210-260 PDF and 210-260 VCE 265Q&As Download:
http://www.braindump2go.com/210-260.html

2.|2017 Version New 210-260 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/0B75b5xYLjSSNV1RGaFJYZkxGWFk?usp=sharing

QUESTION 61
For what reason would you configure multiple security contexts on the ASA firewall?

A.    To enable the use of VFRs on routers that are adjacently connected
B.    To provide redundancy and high availability within the organization
C.    To enable the use of multicast routing and QoS through the firewall
D.    To seperate different departments and business units

Answer: D

QUESTION 62
What VPN feature allows Internet traffic and local LAN/WAN traffic to use the same network connection.

A.    split tunneling
B.    hairpinning
C.    tunnel mode
D.    transparent mode

Answer: A

QUESTION 63
When is the best time to perform an anti-virus signature update?

A.    When the local scanner has detected a new virus
B.    When a new virus is discovered in the wild
C.    Every time a new update is available
D.    When the system detects a browser hook

Answer: C

QUESTION 64
What is the effect of the send-lifetime local 23:59:00 31 December 31 2013 infinite command?

A.    It configures the device to begin transmitting the authentication key to other devices at 00:00:00 local time on January 1, 2014 and continue using the key indefinitely.
B.    It configures the device to begin transmitting the authentication key to other devices at 23:59:00 local time on December 31, 2013 and continue using the key indefinitely.
C.    It configures the device to begin accepting the authentication key from other devices immediately and stop accepting the key at 23:59:00 local time on December 31, 2013.
D.    It configures the device to generate a new authentication key and transmit it to other devices at 23:59 00 local time on December 31, 2013.
E.    It configures the device to begin accepting the authentication key from other devices at 23:59:00 local time on December 31, 2013 and continue accepting the key indefinitely.
F.    It configures the device to begin accepting the authentication key from other devices at 00:00:00 local time on January 1, 2014 and continue accepting the key indefinitely.

Answer: B

QUESTION 65
Which Statement about personal firewalls is true?

A.    They are resilient against kernal attacks
B.    They can protect email messages and private documents in a similar way to a VPN
C.    They can protect the network against attacks
D.    They can protect a system by denying probing requests

Answer: D

QUESTION 66
Refer to the exhibit. While troubleshooting site-to-site VPN, you issued the show crypto ipsec sa command. What does the given output show?
 

A.    ISAKMP security associations are established between 10.1.1.5 and 10.1.1.1
B.    IPSec Phase 2 is established between 10.1.1.1 and 10.1.1.5
C.    IKE version 2 security associations are established between 10.1.1.1 and 10.1.1.5
D.    IPSec Phase 2 is down due to a mismatch between encrypted and decrypted packets

Answer: B

QUESTION 67
Which statement about a PVLAN isolated port configured on a switch is true?

A.    The isolated port can communicate only with the promiscous port
B.    The isolated port can communicate with other isolated ports and the promiscuous port
C.    The isolated port can communicate only with community ports
D.    The isolated port can communicate only with other isolated ports

Answer: A

QUESTION 68
Which three statements about host-based IPS are true? (Choose three)

A.    It can view encrypted files
B.    It can be deployed at the perimeter
C.    It uses signature-based policies
D.    It can have more restrictive policies than network-based IPS
E.    It works with deployed firewalls
F.    It can generate alerts based on behavior at the desktop level.

Answer: ADF
Explanation:
The key word here is ‘Cisco’, and Cisco’s host-based IPS, CSA, is NOT signature-based and CAN view encrypted files.

QUESTION 69
What type of security support is provided by the Open Web Application Security Project?

A.    Education about common Web site vulnerabilities
B.    A wb site security framework
C.    A security discussion forum for Web site developers
D.    Scoring of common vulnerabilities and exposures

Answer: A

QUESTION 70
Refer to the exhibit. Which statement about the device time is true?
 

A.    The time is authoritative because the clock is in sync
B.    The time is authoritative, but the NTP process has lost contact with its servers
C.    The clock is out of sync
D.    NTP is configured incorrectly
E.    The time is not authoritative

Answer: B


!!!RECOMMEND!!!

1.|2017 Version New 210-260 PDF and 210-260 VCE 265Q&As Download:
http://www.braindump2go.com/210-260.html

2.|2017 Version New 210-260 Study Guide Video:
https://youtu.be/9yy5IlptXYw