210-260 PDF Study Syllabus For Download

Get DumpsSchool CCNA security dumps and elevate your preparation level of 210-260 exam. Our CCNA Security 210-260 Dumps PDF format has authentic exam questions with comprehensive knowledge of 210-260 Cisco network security. 

Try it Latest DumpsSchool 210-260 Exam dumps. Buy Full File here: https://www.dumpsschool.com/210-260-exam-dumps.html (502 As Dumps)

Download the DumpsSchool 210-260 braindumps from Google Drive: https://drive.google.com/file/d/1OLgDbCqeAs1x3q7eiGn25-G5lDunbsJv/view (FREE VERSION!!!)

Question No. 1

Which statement about Cisco ACS authentication and authorization is true?

Answer: A

Question No. 2

What feature defines a campus area network?

Answer: A

Question No. 3

Which feature prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port?

Answer: C

Question No. 4

Which command successfully creates an administrative user with a password of “Cisco” on a Cisco router?

Answer: C

Question No. 5

With which technology do apply integrity, confidentially and authenticate the source

Answer: A

IPsec is a collection of protocols and algorithms used to protect IP packets at Layer 3 (hence the name of IP Security [IPsec]). IPsec provides the core benefits of confidentiality through encryption, data integrity through hashing and HMAC, and authentication using digital signatures or using a pre-shared key (PSK) that is just for the authentication, similar to a password.

Source: Cisco Official Certification Guide, IPsec and SSL, p.97

Question No. 6

If you change the native VLAN on the trunk port to an unused VLAN, what happens if an attacker attempts a double-tagging attack?

Answer: C

VLAN hopping is a computer security exploit, a method of attacking networked resources on a virtual LAN (VLAN). The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access to traffic on other VLANs that would normally not be accessible. There are two primary methods of VLAN hopping: switch spoofing and double tagging.

Double Tagging can only be exploited when switches use “Native VLANs”. Double Tagging can be mitigated by either one of the following actions:

+ Simply do not put any hosts on VLAN 1 (The default VLAN)

+ Change the native VLAN on all trunk ports to an unused VLAN ID Source: https://en.wikipedia.org/wiki/VLAN_hopping

Question No. 7

(Choose Two)

Answer: A, B

+ Log collection of event records from sources throughout the organization provides important forensic tools and helps to address compliance reporting requirements.

+ Normalization maps log messages from different systems into a common data model, enabling the organization to connect and analyze related events, even if they are initially logged in different source formats.

+ Correlation links logs and events from disparate systems or applications, speeding detection of and reaction to security threats.

+ Aggregation reduces the volume of event data by consolidating duplicate event records.

+ Reporting presents the correlated, aggregated event data in real-time monitoring and long-term summaries.

Source: http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-smart- businessarchitecture/sbaSIEM_deployG.pdf

Question No. 8

Which two actions does an IPS perform? (Choose two.)

Answer: B, E

210-260 Dumps Google Drive: (Limited Version!!!)

Related Certification: https://www.dumpsschool.com/ccna-security-questions.html