Vendor: Cisco Exam Code: 210-060 dumps Exam Name: Implementing Cisco Network Security Version: DemoDEMO

QUESTION 1 Refer to the exhibit. What is the effect of the given command sequence? A. It configures IKE Phase 1. B. It configures a site-to-site VPN tunnel. C. It configures a crypto policy with a key size of 14400. D. It configures IPSec Phase 2. Correct Answer: A

QUESTION 2 What hash type does Cisco 210-065 dumps use to validate the integrity of downloaded images? A. Sha1 B. Sha2 C. Md5 D. Md1 Correct Answer: C

QUESTION 3 What security feature allows a private IP address to access the Internet by translating it to a public address? A. NAT B. hairpinning C. Trusted Network Detection D. Certification Authority Correct Answer: A

QUESTION 4 What is the purpose of the Integrity component of the CIA triad? A. to ensure that only authorized parties can modify data B. to determine whether data is relevant C. to create a process for accessing data D. to ensure that only authorized parties can view data Correct Answer: A

QUESTION 5 What VPN feature allows Internet traffic and local LAN/WAN traffic to use the same network connection? A. split tunneling B. hairpinningC. tunnel mode D. transparent mode Correct Answer: A

QUESTION 6 Refer to the exhibit. With which NTP server has the router synchronized? A. 192.168.10.7 B. 108.61.73.243 C. 209.114.111.1 D. 132.163.4.103 E. 204.2.134.164 F. 241.199.164.101 Correct Answer: A

QUESTION 7 What are two default Cisco 300-101 dumps IOS privilege levels? (Choose two.) A. 0 B. 1 C. 5 D. 7 E. 10 F. 15 Correct Answer: BF

QUESTION 8 What is the purpose of a honeypot IPS? A. To create customized policies B. To detect unknown attacksC. To normalize streams D. To collect information about attacks Correct Answer: D

QUESTION 9 In which three ways does the RADIUS protocol differ from TACACS? (Choose three.) A. RADIUS uses UDP to communicate with the NAS. B. RADIUS encrypts only the password field in an authentication packet. C. RADIUS authenticates and authorizes simultaneously, causing fewer packets to be transmitted. D. RADIUS uses TCP to communicate with the NAS. E. RADIUS can encrypt the entire packet that is sent to the NAS. F. RADIUS supports per-command authorization. Correct Answer: ABC

QUESTION 10 When a company puts a security policy in place, what is the effect on the company's business? A. Minimizing risk B. Minimizing total cost of ownership C. Minimizing liability D. Maximizing compliance Correct Answer: A

QUESTION 11 Which tasks is the session management 300-135 dumps path responsible for? (Choose three.) A. Verifying IP checksums B. Performing route lookup C. Performing session lookup D. Allocating NAT translations E. Checking TCP sequence numbers F. Checking packets against the access list Correct Answer: BDF

QUESTION 12 Which statement about extended access lists is true? A. Extended access lists perform filtering that is based on source and destination and are most effective when applied to the destination B. Extended access lists perform filtering that is based on source and destination and are most effective when applied to the source C. Extended access lists perform filtering that is based on destination and are most effective when applied to the source D. Extended access lists perform filtering that is based on source and are most effective when applied to the destination Correct Answer: B

QUESTION 13 Refer to the exhibit.If a supplicant supplies incorrect credentials for all authentication methods configured on the switch, how will the switch respond? A. The supplicant will fail to advance beyond the webauth method. B. The switch will cycle through the configured authentication methods indefinitely. C. The authentication attempt will time out and the switch will place the port into the unauthorized state. D. The authentication attempt will time out and the switch will place the port into VLAN 101. Correct Answer: A

QUESTION 14 Refer to the exhibit. Which statement about the device time is true? A. The time is authoritative, but the NTP process has lost contact with its servers. B. The time is authoritative because the clock is in sync. C. The clock is out of sync. D. NTP is configured incorrectly. E. The time is not authoritative. Correct Answer: A

QUESTION 15 Which Cisco product can help mitigate web-based attacks within a network? A. Adaptive Security 70-532 dumps Appliance B. Web Security Appliance C. Email Security Appliance D. Identity Services Engine Correct Answer: B

QUESTION 16 Which EAP method uses Protected Access Credentials? A. EAP-FAST B. EAP-TLS C. EAP-PEAP D. EAP-GTC

Correct Answer: AQUESTION 17 Which feature of the Cisco Email Security Appliance can mitigate the impact of snowshoe spam and sophisticated phishing attacks? A. contextual analysis B. holistic understanding of threats C. graymail management and filtering D. signature-based IPS Correct Answer: A

QUESTION 18 In which stage of an attack does 200-155 dumps the attacker discover devices on a target network? A. Reconnaissance B. Covering tracks C. Gaining access D. Maintaining access Correct Answer: A