CCNA Security 210-260 Practice Test Book
Exam Questions and Answers (Latest Update
2024)
Which two of the following are social engineering techniques? - CORRECT
ANSWERS Phone Scams
Phishing
If you configure a zone-based firewall that includes a policy for traffic directed to
and from the self zone, which of the following could create a denial of service? -
CORRECT ANSWERS Not allowing specific routing protocol traffic
Which of the following password methods features the strongest encryption? -
CORRECT ANSWERS Enable secret password
Which one of the following commands reveal the ACLs, transform sets, and peer
information and indicate which interface is being used to connect to the remote
IPsec VPN peer? - CORRECT ANSWERS show crypto map
When you connect for the first time to the console port on a new router, which
privilege level are you using initially when presented with the command-line
interface? - CORRECT ANSWERS 1
What does application layer inspection provide? - CORRECT ANSWERS
Enables a firewall to listen on a client/server communication, looking for information
regarding communication channels
What does the Diffie-Helman exchange create as a result of it running? - CORRECT
ANSWERS Symmetrical keys
SNMPv3 provides advantages over its previous versions. Which of the following is a
feature in SNMPv3 whose function is not available in SNMPv1? - CORRECT
ANSWERS Scrambling of the content of the SNMP packets
R1(config)#enable secret level 10 cisco
,CCNA Security 210-260 Practice Test Book
Exam Questions and Answers (Latest Update
2024)
What does this command accomplish? - CORRECT ANSWERS Assigns a
password for a custom privilege level
What is the primary motivation for most attacks against networks today? -
CORRECT ANSWERS Financial
When is traffic allowed to be routed and forwarded if the source of the traffic is from
a device located off of a low-security interface if the destination device is located off
of a high-security interface? (Choose all that apply.) - CORRECT ANSWERS If
there is an access list that is permitting this traffic.
This traffic is allowed if the initial traffic was inspected and this traffic is the return
traffic.
How does a switch know about parallel Layer 2 paths? - CORRECT ANSWERS
BPDU
R1(config)#aaa new-model
R1(config)#aaa authentication login default enable
R1(config)#enable secret cisco123
R1(config)#username admin secret cisco123
R1(config)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#debug aaa authentication
AAA Authentication debugging is on
R1#
R1#
AAA/BIND(00000003): Bind i/f
AAA/AUTHEN/LOGIN (00000003): Pick method list 'default'
,CCNA Security 210-260 Practice Test Book
Exam Questions and Answers (Latest Update
2024)
AAA/AUTHEN/ENABLE(00000003): Processing request action LOGIN
AAA/AUTHEN/ENABLE(00000003): Done status GET_PASSWORD
R1#
AAA/AUTHEN/ENABLE(00000003): Processing request action LOGIN
AAA/AUTHEN/ENABLE(00000003): Done status PASS
R1#
Review the output shown here and select the correct statement. - CORRECT
ANSWERS a user has connected and correctly provided the enable secret
Which of the following are protocols that are most likely used for authentication?
(Choose all that apply.) - CORRECT ANSWERS RADIUS
TACACS+
How many zones can an interface be a member of at the same time in a Zoned-
Based IOS Firewall? - CORRECT ANSWERS 1
Which best practices apply to networks that run both IPv4 and IPv6? - CORRECT
ANSWERS Routing protocol authentication
Physical security
Written security policy
Authorization of administrators
Why is the public key in a typical public-private key pair referred to as public? -
CORRECT ANSWERS Because it is shared publicly
Why is a common CA important for two VPN devices that want to authenticate using
digital certificates? - CORRECT ANSWERS So that both peers will be able to
verify the signature of the CA
, CCNA Security 210-260 Practice Test Book
Exam Questions and Answers (Latest Update
2024)
What is the default number of MAC addresses allowed on a switch port that is
configured with port security? - CORRECT ANSWERS 1
Which of the following are the valid first four characters of a link-local address? -
CORRECT ANSWERS FE80
How is the negotiation of the IPsec (IKE Phase 2) tunnel done securely? - CORRECT
ANSWERS Uses the IKE Phase 1 tunnel
Which one of the following is true about a transparent firewall? - CORRECT
ANSWERS Implemented at Layer 2
Which is the primary Layer 2 mechanism that allows multiple devices in the same
VLAN to communicate with each other even though those devices are physically
connected to different switches? - CORRECT ANSWERS Trunk
What is the default policy between an administratively created zone and the self
zone? - CORRECT ANSWERS Permit
What allows a firewall to be a DHCP client and a NAT/PAT device at the same time? -
CORRECT ANSWERS Dynamic PAT
R1# show ipv6 int fa 0/0
FastEthernet0/0 is up, line protocol is up
IPv6 is enabled, xxxxxxxx is FE80::218:B9FF:FE21:9278
No Virtual link-local address(es):
xxxxxxxxxx address(es):
2001:A:452:BAD:218:B9FF:FE21:9278, subnet is 2001:A:452:BAD::/64 [EUI]
Joined group address(es):
FF02::1
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller ACADEMICNURSING001. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $18.09. You're not tied to anything after your purchase.