[Free] 2019(Nov) EnsurePass Cisco 210-260 Dumps with VCE and PDF 51-60

Get Full Version of the Exam
http://www.EnsurePass.com/210-260.html

Question No.51

Which statement about communication over failover interfaces is true?

  1. All information that is sent over the failover and stateful failover interfaces is sent as clear text by default.

  2. All information that is sent over the failover interface is sent as clear text, but the stateful failover link is encrypted by default.

  3. All information that is sent over the failover and stateful failover interfaces is encrypted by default.

  4. User names, passwords, and preshared keys are encrypted by default when they are sent over the failover and stateful failover interfaces, but other information is sent as clear text.

Correct Answer: A

Question No.52

If a packet matches more than one class map in an individual feature type#39;s policy map, how does the ASA handle the packet?

  1. The ASA will apply the actions from only the first matching class map it finds for the feature type.

  2. The ASA will apply the actions from only the most specific matching class map it finds for the feature type.

  3. The ASA will apply the actions from all matching class maps it finds for the feature type.

  4. The ASA will apply the actions from only the last matching class map it finds for the feature type.

Correct Answer: A

Question No.53

For what reason would you configure multiple security contexts on the ASA firewall?

  1. To separate different departments and business units.

  2. To enable the use of VRFs on routers that are adjacently connected.

  3. To provide redundancy and high availability within the organization.

  4. To enable the use of multicast routing and QoS through the firewall.

Correct Answer: A

Question No.54

What is an advantage of placing an IPS on the inside of a network?

  1. It can provide higher throughput.

  2. It receives traffic that has already been filtered.

  3. It receives every inbound packet.

  4. It can provide greater security.

Correct Answer: B

Question No.55

What is the FirePOWER impact flag used for?

  1. A value that indicates the potential severity of an attack.

  2. A value that the administrator assigns to each signature.

  3. A value that sets the priority of a signature.

  4. A value that measures the application awareness.

Correct Answer: A

Question No.56

Which FirePOWER preprocessor engine is used to prevent SYN attacks?

  1. Rate-Based Prevention

  2. Portscan Detection

  3. IP Defragmentation

  4. Inline Normalization

Correct Answer: A

Question No.57

Which Sourcefire logging action should you choose to record the most detail about a connection?

  1. Enable logging at theend of the session.

  2. Enable logging at thebeginning of the session.

  3. Enable alerts via SNMP to log events off-box.

  4. Enable eStreamer to log events off-box.

Correct Answer: A

Question No.58

What can the SMTP preprocessor in FirePOWER normalize?

  1. It can extract and decode email attachments in client to server traffic.

  2. It can look up the email sender.

  3. It compares known threats to the email sender.

  4. It can forward the SMTP traffic to anemail filter server.

  5. It uses the Traffic Anomaly Detector.

Correct Answer: A

Question No.59

You want to allow all of your company#39;s users to access the Internet without allowing other Web servers to collect the IP addresses of individual users. What two solutions can you use? (Choose two).

  1. Configure a proxy server to hide users#39; local IP addresses.

  2. Assign unique IP addresses to all users.

  3. Assign the same IP address to all users.

  4. Install a Web content filter to hide users#39; local IP addresses.

  5. Configure a firewall to use Port Address Translation.

Correct Answer: AE

Question No.60

You have implemented a Sourcefire IPS and configured it to block certain addresses utilizing Security Intelligence IP Address Reputation. A user calls and is not able to access a certain IP address. What action can you take to allow the user access to the IP address?

  1. Create a whitelist and add the appropriate IP address to allow the traffic.

  2. Create a custom blacklist to allow the traffic.

  3. Create a user based access control rule to allow the traffic.

  4. Create a network based access control rule to allow the traffic.

  5. Create a rule to bypass inspection to allow the traffic.

Correct Answer: A

>

Get Full Version of the Exam
210-260 Dumps
210-260 VCE and PDF

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.