[Free] 2019(Nov) EnsurePass Cisco 210-260 Dumps with VCE and PDF 41-50

Get Full Version of the Exam
http://www.EnsurePass.com/210-260.html

Question No.41

What command can you use to verify the binding table status?

  1. show ip dhcp snooping database

  2. show ip dhcp snooping binding

  3. show ip dhcp snooping statistics

  4. show ip dhcp pool

  5. show ip dhcp source binding

  6. show ip dhcp snooping

Correct Answer: A

Question No.42

If a switch receives a superior BPDU and goes directly into a blocked state, what mechanism must be in use?

  1. root guard

  2. EtherChannel guard

  3. loop guard

  4. BPDU guard

Correct Answer: D

Question No.43

Which statement about a PVLAN isolated port configured on a switch is true?

  1. The isolated port can communicate only with the promiscuous port.

  2. The isolated port can communicate with other isolated ports and the promiscuous port.

  3. The isolated port can communicate only with community ports.

  4. The isolated port can communicate only with other isolated ports.

Correct Answer: A

Question No.44

If you change the native VLAN on the trunk port to an unused VLAN, what happens if an attacker attempts a double-tagging attack?

  1. The trunk port would go into an error-disabled state.

  2. A VLAN hopping attack would be successful.

  3. A VLAN hopping attack would be prevented.

  4. The attacked VLAN will be pruned.

Correct Answer: C

Question No.45

What is a reason for an organization to deploy a personal firewall?

  1. To protect endpoints such as desktops from malicious activity.

  2. To protect one virtual network segment from another.

  3. To determine whether a host meets minimum security posture requirements.

  4. To create a separate, non-persistent virtual environment that can be destroyed after a session.

  5. To protect the network from DoS and syn-flood attacks.

Correct Answer: A

Question No.46

Which statement about personal firewalls is true?

  1. They can protect a system by denying probing requests.

  2. They are resilient against kernel attacks.

  3. They can protect email messages and private documents in a similar way to a VPN.

  4. They can protect the network against attacks.

Correct Answer: A

Question No.47

Refer to the exhibit. What type of firewall would use the given configuration line?

image

  1. a stateful firewall

  2. a personal firewall

  3. a proxy firewall

  4. an application firewall

  5. a stateless firewall

Correct Answer: A

Question No.48

What is the only permitted operation for processing multicast traffic on zone-based firewalls?

  1. Only control plane policing can protect the control plane against multicast traffic.

  2. Stateful inspection of multicast traffic is supported only for the self-zone.

  3. Stateful inspection for multicast traffic is supported only between the self-zone and the internal zone.

  4. Stateful inspection of multicast traffic is supported only for the internal zone.

Correct Answer: A

Question No.49

How does a zone-based firewall implementation handle traffic between interfaces in the same zone?

  1. Traffic between two interfaces in the same zone is allowed by default.

  2. Traffic between interfaces in the same zone is blocked unless you configure the same-security permit command.

  3. Traffic between interfaces in the same zone is always blocked.

  4. Traffic between interfaces in the same zone is blocked unless you apply a service policy to the zone pair.

Correct Answer: A

Question No.50

Which two statements about Telnet access to the ASA are true? (Choose two).

  1. You may VPN to the lowest security interface to telnet to an inside interface.

  2. You must configure an AAA server to enable Telnet.

  3. You can access all interfaces on an ASA using Telnet.

  4. You must use the command virtual telnet to enable Telnet.

  5. Best practice is to disable Telnet and use SSH.

Correct Answer: AE

Get Full Version of the Exam
210-260 Dumps
210-260 VCE and PDF

Leave a Reply