It is more faster and easier to pass the Cisco ccna security 210 260 official cert guide exam by using Breathing Cisco Implementing Cisco Network Security questuins and answers. Immediate access to the Abreast of the times ccna security 210 260 dumps pdf free download Exam and find the same core area cisco ccna security 210 260 questions with professionally verified answers, then PASS your exam with a high score now.

Q1. What is the only permitted operation for processing multicast traffic on zone-based firewalls? 

A. Only control plane policing can protect the control plane against multicast traffic. 

B. Stateful inspection of multicast traffic is supported only for the self-zone. 

C. Stateful inspection for multicast traffic is supported only between the self-zone and the internal zone. 

D. Stateful inspection of multicast traffic is supported only for the internal zone. 


Q2. After reloading a router, you issue the dir command to verify the installation and observe that the image file appears to be missing. For what reason could the image file fail to appear in the dir output? 

A. The secure boot-image command is configured. 

B. The secure boot-comfit command is configured. 

C. The confreg 0x24 command is configured. 

D. The reload command was issued from ROMMON. 


Q3. Which statement about communication over failover interfaces is true? 

A. All information that is sent over the failover and stateful failover interfaces is sent as clear text by default. 

B. All information that is sent over the failover interface is sent as clear text, but the stateful failover link is encrypted by default. 

C. All information that is sent over the failover and stateful failover interfaces is encrypted by default. 

D. User names, passwords, and preshared keys are encrypted by default when they are sent over the failover and stateful failover interfaces, but other information is sent as clear text. 


Q4. Refer to the exhibit. 

Which statement about the device time is true? 

A. The time is authoritative, but the NTP process has lost contact with its servers. 

B. The time is authoritative because the clock is in sync. 

C. The clock is out of sync. 

D. NTP is configured incorrectly. 

E. The time is not authoritative. 


Q5. Which statement about a PVLAN isolated port configured on a switch is true? 

A. The isolated port can communicate only with the promiscuous port. 

B. The isolated port can communicate with other isolated ports and the promiscuous port. 

C. The isolated port can communicate only with community ports. 

D. The isolated port can communicate only with other isolated ports. 


Q6. For what reason would you configure multiple security contexts on the ASA firewall? 

A. To separate different departments and business units. 

B. To enable the use of VRFs on routers that are adjacently connected. 

C. To provide redundancy and high availability within the organization. 

D. To enable the use of multicast routing and QoS through the firewall. 


Q7. Refer to the exhibit. 

What type of firewall would use the given configuration line? 

A. a stateful firewall 

B. a personal firewall 

C. a proxy firewall 

D. an application firewall 

E. a stateless firewall 


Q8. Scenario 

In this simulation, you have access to ASDM only. Review the various ASA configurations using ASDM then answer the five multiple choice questions about the ASA SSLVPN configurations. 

To access ASDM, click the ASA icon in the topology diagram. 

Note: Not all ASDM functionalities are enabled in this simulation. 

To see all the menu options available on the left navigation pane, you may also need to un-expand the expanded menu first. 

Which four tunneling protocols are enabled in the DfltGrpPolicy group policy? (Choose four) 

A. Clientless SSL VPN 

B. SSL VPN Client 


D. L2TP/IPsec 

E. IPsec IKEv1 

F. IPsec IKEv2 

Cisco 210-260 : Practice Test 

Answer: A,D,E,F 


By clicking one the Configuration-> Remote Access -> Clientless CCL VPN Access-> Group Policies tab you can view the DfltGrpPolicy protocols as shown below: 

Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-09-25 at 9.00.18 AM.png 

Q9. If a switch receives a superior BPDU and goes directly into a blocked state, what mechanism must be in use? 

A. root guard 

B. EtherChannel guard 

C. loop guard 

D. BPDU guard 


Q10. Which two services define cloud networks? (Choose two.) 

A. Infrastructure as a Service 

B. Platform as a Service 

C. Security as a Service 

D. Compute as a Service 

E. Tenancy as a Service 

Answer: A,B