QUESTION 91
Which Sourfire secure action should you choose if you want to block only malicious traffic from a particular end-user?
|
A. |
Trust |
|
B. |
Block |
|
C. |
Allow without inspection |
|
D. |
Monitor |
|
E. |
Allow with inspection |
Correct Answer: E
Explanation:
Allow with Inspection allows all traffic except for malicious traffic from a particular end-user. The other options are too restrictive, too permissive, or don’t exist.
QUESTION 92
Refer to the following.
209.114.111.1 Configure, ipv4, same, valid, stratum 2 ref ID 132.163.4.103, time D7AD124D.9D6FC576 (03:17:33.614 UTC Sun Aug 31 2014) our mode client, peer mode server, our poll intvl 64, peer poll intvl 64 root delay 46.34 msec, root disp 23.52, reach 1, sync dist 268.59 delay 63.27 msec, offset 7.9817 msec, dispersion 187.56, jitter 2.07 msec precision 2**23, version 4
204.2.134.164 Configure, ipv4, same, valid, stratum 2 ref ID 241.199.164.101, time D7AD1D149.9EB5272B (03:25:13.619 UTC Sun Aug 31 2014) our mode client, peer mode server, our poll intvl 64, peer poll intvl 256 root delay 30.83 msec, root disp 4.88, reach 1, sync dist 223.80 delay 28.69 msec, offset 6.4331 msec, dispersion 187.56, jitter 1.39 msec precision 2**23, version 4
192.168.10.7 Configure, ipv4, our_master, sane, valid, stratum 3 ref ID 108.61.73.243, time D7AD0D8F.AE79A23A (02:57:19.681 UTC Sun Aug 31 2014) our mode client, peer mode server, our poll intvl 64, peer poll intvl 64 root delay 86.45 msec, root disp 87.82, reach 377, sync dist 134.25 delay 0.89 msec, offset 19.5087 msec, dispersion 1.69, jitter 0.84 msec precision 2**23, version 4
With which NTP server has the router synchronized?
|
A. |
192.168.10.7 |
|
B. |
108.61.73.243 |
|
C. |
209.114.111.1 |
|
D. |
204.2.134.164 |
|
E. |
132.163.4.103 |
|
F. |
241.199.164.101 |
Correct Answer: A
QUESTION 93
Which Cisco feature can help mitigate spoofing attacks by verifying symmetry of the traffic path?
|
A. |
Unidirectional Link Detection |
|
B. |
Unicast Reverse Path Forwarding |
|
C. |
TrustSec |
|
D. |
IP Source Guard |
Correct Answer: B
QUESTION 94
Which countermeasures can mitigate ARP spoofing attacks? (Choose two.)
|
A. |
Port security |
|
B. |
DHCP snooping |
|
C. |
IP source guard |
|
D. |
Dynamic ARP inspection |
Correct Answer: BD
QUESTION 95
Which type of security control is defense in depth?
|
A. |
Threat mitigation |
|
B. |
Risk analysis |
|
C. |
Botnet mitigation |
|
D. |
Overt and covert channels |
Correct Answer: A
QUESTION 96
When a company puts a security policy in place, what is the effect on the company’s business?
|
A. |
Minimizing risk |
|
B. |
Minimizing total cost of ownership |
|
C. |
Minimizing liability |
|
D. |
Maximizing compliance |
Correct Answer: A
QUESTION 97
What is the primary purposed of a defined rule in an IPS?
|
A. |
to detect internal attacks |
|
B. |
to define a set of actions that occur when a specific user logs in to the system |
|
C. |
to configure an event action that is pre-defined by the system administrator |
|
D. |
to configure an event action that takes place when a signature is triggered |
Correct Answer: C
Explanation:
http://www.cisco.com/c/en/us/td/docs/security/ips/70/configuration/guide/cli/cliguide7/cli_event_action_rules.html#wp1028144
QUESTION 98
When a switch has multiple links connected to a downstream switch, what is the first step that STP takes to prevent loops?
|
A. |
STP elects the root bridge |
|
B. |
STP selects the root port |
|
C. |
STP selects the designated port |
|
D. |
STP blocks one of the ports |
Correct Answer: A
QUESTION 99
Which option describes information that must be considered when you apply an access list to a physical interface?
|
A. |
Protocol used for filtering |
|
B. |
Direction of the access class |
|
C. |
Direction of the access group |
|
D. |
Direction of the access list |
Correct Answer: C
QUESTION 100
In which type of attack does an attacker send email message that ask the recipient to click a link such ashttps://www.cisco.net.cc/securelogs?
|
A. |
pharming |
|
B. |
phishing |
|
C. |
solicitation |
|
D. |
secure transaction |
Correct Answer: B
Free VCE & PDF File for Cisco 210-260 Real Exam
Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …
100-105 Dumps VCE PDF
200-105 Dumps VCE PDF
300-101 Dumps VCE PDF
300-115 Dumps VCE PDF
300-135 Dumps VCE PDF
300-320 Dumps VCE PDF
400-101 Dumps VCE PDF
640-911 Dumps VCE PDF
640-916 Dumps VCE PDF
70-410 Dumps VCE PDF
70-411 Dumps VCE PDF
70-412 Dumps VCE PDF
70-413 Dumps VCE PDF
70-414 Dumps VCE PDF
70-417 Dumps VCE PDF
70-461 Dumps VCE PDF
70-462 Dumps VCE PDF
70-463 Dumps VCE PDF
70-464 Dumps VCE PDF
70-465 Dumps VCE PDF
70-480 Dumps VCE PDF
70-483 Dumps VCE PDF
70-486 Dumps VCE PDF
70-487 Dumps VCE PDF
220-901 Dumps VCE PDF
220-902 Dumps VCE PDF
N10-006 Dumps VCE PDF
SY0-401 Dumps VCE PDF