2017 Oct New 210-260 Exam Dumps with PDF and VCE Free Updated Today! Following are some new 210-250 Questions:
1.|2017 New 210-260 Exam Dumps (PDF & VCE) 362Q&As Download:
https://www.braindump2go.com/210-260.html
2.|2017 New 210-260 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/0B75b5xYLjSSNV1RGaFJYZkxGWFk?usp=sharing
QUESTION 151
Refer to the exhibit. Which statement about the given configuration is true?
A. The timeout command causes the device to move to the next server after 20 seconds of TACACS inactivity.
B. The single-connection command causes the device to process one TACACS request and then move to the next server.
C. The single-connection command causes the device to establish one connection for all TACACS transactions.
D. The router communicates with the NAS on the default port, TCP 1645
Answer: C
Explanation:
In order for TACACS+ servers to fail over, they must be configured in a TACACS server group, which these are not, which eliminates A and B. D is incorrect.
QUESTION 152
Refer to the exhibit. What is the effect of the given command?
A. It configure the network to use a different transform set between peers.
B. It merges authentication and encryption methods to protect traffic that matches an ACL.
C. It configures encryption for MD5 HMAC.
D. It configures authentications as AES 256.
Answer: B
Explanation:
Because a transform set defines a method to encrypt traffic: esp-aes-256 and a method to authenticate: esp-md5-hmac
QUESTION 153
Refer to the exhibit. What are two effects of the given command? (Choose two.)
A. It configures authentication to use AES 256.
B. It configures authentication to use MD5 HMAC.
C. It configures authorization use AES 256.
D. It configures encryption to use MD5 HMAC.
E. It configures encryption to use AES 256.
Answer: BE
QUESTION 154
What is a valid implicit permit rule for traffic that is traversing the ASA firewall?
A. Unicast IPv6 traffic from a higher security interface to a lower security interface is permitted in transparent mode only
B. Only BPDUs from a higher security interface to a lower security interface are permitted in routed mode.
C. ARPs in both directions are permitted in transparent mode only
D. Unicast IPv4 traffic from a higher security interface to a lower security interface is permitted in routed mode only
E. Only BPDUs from a higher security interface to a lower security interface are permitted in transparent mode.
Answer: C
Explanation:
IPv4 and IPv6 traffic is permitted in both routed and transparent mode from higher to lower security interfaces.
QUESTION 155
You have been tasked with blocking user access to website that violate company policy, but the site use dynamic IP Addresses. What is the best practice URL filtering to solve the problem?
A. Enable URL filtering and create a blacklist to block the websites that violate company policy.
B. Enable URL filtering and create a whitelist to allow only the websites the company policy allow users to access.
C. Enable URL filtering and use URL categorization to allow only the websites the company policy allow users to access
D. Enable URL filtering and create a whitelist to block the websites that violate company policy.
E. Enable URL filtering and use URL categorization to block the websites that violate company policy.
Answer: E
Explanation:
Categorization will catch a large number of related websites, regardless of the address or IP.
QUESTION 156
What is the potential drawback to leaving VLAN 1 as the native VLAN?
A. Gratuitous ARPs might be able to conduct a man-in-the-middle attack.
B. The CAM might be overloaded, effectively turning the switch into hub.
C. VLAN 1 might be vulnerable to IP address spoofing
D. It may be susceptible to a VLAN hopping attack
Answer: D
QUESTION 157
Refer to the exhibit. Which line in this configuration prevents the HelpDesk user from modifying the interface configuration?
A. Privilege exec level 9 show configure terminal
B. Privilege exec level 7show start-up
C. Privilege exec level 10 interface
D. Username HelpDesk privilege 6 password help
Answer: A
QUESTION 158
Which IPS mode provides the maximum number of actions?
A. Inline
B. bypass
C. span
D. failover
E. promiscuous
Answer: A
Explanation:
Because IPS inline gets the live traffic as it’s passing through the network and can take direct action on the traffic if it detects any malicious activity. The actions are drop, block, TCP reset, shun, alert, log, modify.
QUESTION 159
In which three cases does the ASA firewall permit inbound HTTP GET requests during normal operations? (Choose three)
A. When matching ACL entries are configured
B. when matching NAT entries are configured
C. When the firewall requires strict HTTP inspection
D. When the firewall requires HTTP inspection
E. When the firewall receives a SYN-ACK packet
F. When the firewall receives a SYN packet
Answer: ABE
QUESTION 160
Which technology can be used to rate data fidelity and to provide an authenticated hash for data?
A. Network blocking
B. signature updates
C. file analysis
D. file reputation
Answer: D
!!!RECOMMEND!!!
1.|2017 New 210-260 Exam Dumps (PDF & VCE) 362Q&As Download:
https://www.braindump2go.com/210-260.html
2.|2017 New 210-260 Study Guide Video:
https://youtu.be/9yy5IlptXYw