What configure mode you used for the command ip ospf authentication-key (something) ?
A.
global
B.
priviliged
C.
in-line
D.
…
Explanation:
BD
ip ospf authentication-key is used under interface configuration mode, so it’s in interface level, under global
configuration mode. If it asks about interface level then choose that.
interface Serial0
ip address 192.16.64.1 255.255.255.0
ip ospf authentication-key c1$c0
This one is wrong. This command goes on the interface. “Router(config-if)#ip ospf authentication-key cisco”
0
0
Perfect! You can use this command under the “config-if” so the correct asnwer is “D. Interface” (or something like this)
0
0
Anyone pass using this recently?
0
0
Hi, 210-260 new questions(August/30/2017):
QUESTION
What is an advantage of placing an IPS on the inside of a network?
A. It can provide higher throughput.
B. It receives traffic that has already been filtered.
C. It receives every inbound packet.
D. It can provide greater security.
Answer: B
QUESTION
Which three statements about Cisco host-based IPS soluations are true? (Choose three.)
A. It can view encrypted files.
B. It can have more restrictive policies than network-based IPS.
C. It can generate alerts based on behavior at the desktop level.
D. It can be deployed at the perimeter.
E. It uses signature-based policies.
F. It works with deployed firewalls.
Answer: ABC
QUESTION
Which syslog severity level is level number 7?
A. Warning
B. Informational
C. Notification
D. Debugging
Answer: D
QUESTION
Which type of mirroring does SPAN technology perform?
A. Remote mirroring over Layer 2
B. Remote mirroring over Layer 3
C. Local mirroring over Layer 2
D. Local mirroring over Layer 3
Answer: C
QUESTION
Which tasks is the session management path responsible for? (Choose three.)
A. Verifying IP checksums
B. Performing route lookup
C. Performing session lookup
D. Allocating NAT translations
E. Checking TCP sequence numbers
F. Checking packets against the access list
Answer: BDF
QUESTION
Which network device does NTP authenticate?
A. Only the time source
B. Only the client device
C. The firewall and the client device
D. The client device and the time source
Answer: A
QUESTION
What hash type does Cisco use to validate the integrity of downloaded images?
A. Sha1
B. Sha2
C. Md5
D. Md1
Answer: C
QUESTION
Which option is the most effective placement of an IPS device within the infrastructure?
A. Inline, behind the internet router and firewall
B. Inline, before the internet router and firewall
C. Promiscuously, after the Internet router and before the firewall
D. Promiscuously, before the Internet router and the firewall
Answer: A
QUESTION
If a router configuration includes the line aaa authentication login default group tacacs+ enable, which events will occur when the TACACS+ server returns an error? (Choose two.)
A. The user will be prompted to authenticate using the enable password
B. Authentication attempts to the router will be denied
C. Authentication will use the router`s local database
D. Authentication attempts will be sent to the TACACS+ server
Answer: AD
QUESTION
Which alert protocol is used with Cisco IPS Manager Express to support up to 10 sensors?
A. SDEE
B. Syslog
C. SNMP
D. CSM
Answer: A
More new 210-260 Practice tests and real exam questions: https://www.braindump2go.com/210-260.html (330Q&As Version)
0
0
Almost all of the questions were on the test when I took it recently. It may be worth studying 640-554 as well. I’m pretty certain there were questions from that test on the exam.
0
0
yea, the old 640-554 (whatever the code is) material was on there also I believe, and also some of these half questions/answers. The Lab and simlets are the same as whats on here.
0
0
20 New Questions
Q1: Referring to CIA (confidentiality,Integrity and Availability), where would a hash-only make more sense.
Ans: Data at Rest
Q2: Phishing method on the phone.
Ans: vishing
Q3: At which Layer Data Center Operate.
Ans: (A) Data Center
Q4: Inorder to protect the switch from reconnaissance attack when using CDP.
A. Disable CDP on ports connected to end points (or Disable CPD on edfe ports)
B. Disable CPD on trunk ports
..
Ans:A
Q5: For Protecting FMC (Firepower Managent Center) what/which is used.
Ans: AMP (advanced malware protection) (IPS second choice)
Q6: what ips feature that is less secure among than the other option permit a better throughput ?
Ans: Promiscuous
Q7: Which ports need to be active for AAA server to integrate with Microsoft AD
A. 445 & 8080
B. 443 & 389
C. 445 & 389
D. 443 & 8080
Ans: C
Q8: What is the best way to confirm that AAA authentication is working properly?
A. Use the test aaa command.
B. Ping the NAS to confirm connectivity.
C. Use the Cisco-recommended configuration for AAA authentication.
D. Log into and out of the router, and then check the NAS authentication log.
Ans:A
Q9: Zone based firewall
Ans: enable zones first / zones must be made before applying interfaces.
Q10: What does the command crypto isakmp nat-traversal do.
Ans: Enables udp port 4500 on all IPsec enabled interfaces
Q11: Why ipsec tunnel is not working.
Ans: because the ASA can’t receive packets from remote endpoint
Q12: What data is transferred during DH for making pub/prive key (something similar)
Ans: … Prime Integer
Q13: Dos attack difficult to discover
A. Syn-flood attack
B. Peer-to-peer attacks
C. Trojan
D. Low-rate dos attack
Ans:D
Q14: Question about MDM (Mobile device Management)
A. generate self-signed certificate to connect to server (Deployed certificates ;Issued certificate to the server likely)
B. install network-specific software
…
Ans:A
Q15: Protocols supported in contest aware VRF over VRF lite (2 choices)
A. EIGRP
B. Unicast
C. Multicast
D. OSPF
Ans: AC
Q16: Question about show crypto isakmp sa
*Ans: Remote peer was not able to encrypt the packet,(The answer could be wrong for different scenario)
Q17: what are the quantifiable things you would verify before introducing new technology in your company
Ans: risk
Q18: Within an 802.1X enabled network with the Auth Fail feature configured, when does a switch port get placed
into a restricted VLAN?
A. When user failed to authenticate after certain number of attempts. (client entered wrong credentials multiple times.)
B. When 802.1X is not globally enabled on the Cisco catalyst switch
C. When AAA new-model is enabled
D. …
Ans: A
Q19: Self zone (2 option)?
A. can be source or deatination zone.
B. can be use statful filtering during multicast.
C. all interfaces wil be used for self zone
..
Ans: AC
Q20: Which IDS/IPS is used for monoitoring system and somthing ?
Ans: HIPS.
0
0
Questions that were very similar to these were on the exam recently.
0
0
For Q3, is the the same as
Where does the Datacenter operate ?
A.
Distribution
B.
Access
C.
Core
Answer: A
0
0