Your success in Cisco cisco ccna security 210 260 is our sole target and we develop all our ccna security 210 260 official cert guide pdf download braindumps in a way that facilitates the attainment of this target. Not only is our ccna security 210 260 dumps pdf study material the best you can find, it is also the most detailed and the most updated. 210 260 vce Practice Exams for Cisco CCNA Security ccna security 210 260 exam dumps are written to the highest standards of technical accuracy.

Q21. Refer to the exhibit. 

What is the effect of the given command sequence? 

A. It configures IKE Phase 1. 

B. It configures a site-to-site VPN tunnel. 

C. It configures a crypto policy with a key size of 14400. 

D. It configures IPSec Phase 2. 


Q22. Which EAP method uses Protected Access Credentials? 






Q23. Which statement about a PVLAN isolated port configured on a switch is true? 

A. The isolated port can communicate only with the promiscuous port. 

B. The isolated port can communicate with other isolated ports and the promiscuous port. 

C. The isolated port can communicate only with community ports. 

D. The isolated port can communicate only with other isolated ports. 


Q24. Which three ESP fields can be encrypted during transmission? (Choose three.) 

A. Security Parameter Index 

B. Sequence Number 

C. MAC Address 

D. Padding 

E. Pad Length 

F. Next Header 

Answer: D,E,F 

Q25. Which statement about application blocking is true? 

A. It blocks access to specific programs. 

B. It blocks access to files with specific extensions. 

C. It blocks access to specific network addresses. 

D. It blocks access to specific network services. 


Q26. Scenario 

In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN configurations. 

To access ASDM, click the ASA icon in the topology diagram. 

Note: Not all ASDM functionalities are enabled in this simulation. 

To see all the menu options available on the left navigation pane, you may also need to un-expand the expanded menu first. 

Which four tunneling protocols are enabled in the DfltGrpPolicy group policy? (Choose four) 

A. Clientless SSL VPN 

B. SSL VPN Client 


D. L2TP/IPsec 

E. IPsec IKEv1 

F. IPsec IKEv2 

Cisco 210-260 : Practice Test 

Answer: A,D,E,F 


By clicking one the Configuration-> Remote Access -> Clientless CCL VPN Access-> Group Policies tab you can view the DfltGrpPolicy protocols as shown below: 

Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.00.18 AM.png 

Q27. What VPN feature allows Internet traffic and local LAN/WAN traffic to use the same network connection? 

A. split tunneling 

B. hairpinning 

C. tunnel mode 

D. transparent mode 


Q28. Which statement about Cisco ACS authentication and authorization is true? 

A. ACS servers can be clustered to provide scalability. 

B. ACS can query multiple Active Directory domains. 

C. ACS uses TACACS to proxy other authentication servers. 

D. ACS can use only one authorization profile to allow or deny requests. 


Q29. How does the Cisco ASA use Active Directory to authorize VPN users? 

A. It queries the Active Directory server for a specific attribute for the specified user. 

B. It sends the username and password to retrieve an ACCEPT or REJECT message from the Active Directory server. 

C. It downloads and stores the Active Directory database to query for future authorization requests. 

D. It redirects requests to the Active Directory server defined for the VPN group. 


Q30. Which type of secure connectivity does an extranet provide? 

A. other company networks to your company network 

B. remote branch offices to your company network 

C. your company network to the Internet 

D. new networks to your company network