Get Full Version of the Exam
http://www.EnsurePass.com/210-260.html
Question No.21
What type of algorithm uses the same key to encrypt and decrypt data?
A. |
a symmetric algorithm |
B. |
an asymmetric algorithm |
C. |
a Public Key Infrastructure algorithm |
D. |
an IP security algorithm |
Correct Answer: A
Question No.22
Refer to the exhibit. How many times was a read-only string used to attempt a write operation?
A. |
9 |
B. |
6 |
C. |
4 |
D. |
3 |
E. |
2 |
Correct Answer: A
Question No.23
Refer to the exhibit. Which statement about the device time is true?
A. |
The time is authoritative, but the NTP process has lost contact with its servers. |
B. |
The time is authoritative because the clock is in sync. |
C. |
The clock is out of sync. |
D. |
NTP is configured incorrectly. |
E. |
The time is not authoritative. |
Correct Answer: A
Question No.24
How does the Cisco ASA use Active Directory to authorize VPN users?
A. |
It queries the Active Directory server for a specific attribute for the specified user. |
B. |
It sends the username and password to retrieve an ACCEPT or REJECT message from the Active Directory server. |
C. |
It downloads and stores the Active Directory database to query for future authorization requests. |
D. |
It redirects requests to the Active Directory server defined for the VPN group. |
Correct Answer: A
Question No.25
Which statement about Cisco ACS authentication and authorization is true?
A. |
ACS servers can be clustered to provide scalability. |
B. |
ACS can query multiple Active Directory domains. |
C. |
ACS uses TACACS to proxy other authentication servers. |
D. |
ACS can use only one authorization profile to allow or deny requests. |
Correct Answer: A
Question No.26
Refer to the exhibit. If a supplicant supplies incorrect credentials for all authentication methods configured on the switch, how will the switch respond?
A. |
The supplicant will fail to advance beyond the webauth method. |
B. |
The switch will cycle through the configured authentication methods indefinitely. |
C. |
The authentication attempt will time out and the switch will place the port into the unauthorized state. |
D. |
The authentication attempt will time out and the switch will place the port into VLAN 101. |
Correct Answer: A
Question No.27
Which EAP method uses Protected Access Credentials?
A. |
EAP-FAST |
B. |
EAP-TLS |
C. |
EAP-PEAP |
D. |
EAP-GTC |
Correct Answer: A
Question No.28
What is one requirement for locking a wired or wireless device from ISE?
A. |
The ISE agent must be installed on the device. |
B. |
The device must be connected to the network when the lock command is executed. |
C. |
The user must approve the locking action. |
D. |
The organization must implement an acceptable use policy allowing device locking. |
Correct Answer: A
Question No.29
What VPN feature allows traffic to exit the security appliance through the same interface it entered?
A. |
hairpinning |
B. |
NAT |
C. |
NAT traversal |
D. |
split tunneling |
Correct Answer: A
Question No.30
What VPN feature allows Internet traffic and local LAN/WAN traffic to use the same network connection?
A. |
split tunneling |
B. |
hairpinning |
C. |
tunnel mode |
D. |
transparent mode |
Correct Answer: A
Get Full Version of 210-260 Dumps