[Free] 2019(Nov) EnsurePass Cisco 210-260 Dumps with VCE and PDF 21-30

Get Full Version of the Exam

Question No.21

What type of algorithm uses the same key to encrypt and decrypt data?

  1. a symmetric algorithm

  2. an asymmetric algorithm

  3. a Public Key Infrastructure algorithm

  4. an IP security algorithm

    Correct Answer: A

    Question No.22

    Refer to the exhibit. How many times was a read-only string used to attempt a write operation?












    Correct Answer: A

    Question No.23

    Refer to the exhibit. Which statement about the device time is true?


    1. The time is authoritative, but the NTP process has lost contact with its servers.

    2. The time is authoritative because the clock is in sync.

    3. The clock is out of sync.

    4. NTP is configured incorrectly.

    5. The time is not authoritative.

Correct Answer: A

Question No.24

How does the Cisco ASA use Active Directory to authorize VPN users?

  1. It queries the Active Directory server for a specific attribute for the specified user.

  2. It sends the username and password to retrieve an ACCEPT or REJECT message from the Active Directory server.

  3. It downloads and stores the Active Directory database to query for future authorization requests.

  4. It redirects requests to the Active Directory server defined for the VPN group.

Correct Answer: A

Question No.25

Which statement about Cisco ACS authentication and authorization is true?

  1. ACS servers can be clustered to provide scalability.

  2. ACS can query multiple Active Directory domains.

  3. ACS uses TACACS to proxy other authentication servers.

  4. ACS can use only one authorization profile to allow or deny requests.

Correct Answer: A

Question No.26

Refer to the exhibit. If a supplicant supplies incorrect credentials for all authentication methods configured on the switch, how will the switch respond?


  1. The supplicant will fail to advance beyond the webauth method.

  2. The switch will cycle through the configured authentication methods indefinitely.

  3. The authentication attempt will time out and the switch will place the port into the unauthorized state.

  4. The authentication attempt will time out and the switch will place the port into VLAN 101.

Correct Answer: A

Question No.27

Which EAP method uses Protected Access Credentials?


  2. EAP-TLS


  4. EAP-GTC

Correct Answer: A

Question No.28

What is one requirement for locking a wired or wireless device from ISE?

  1. The ISE agent must be installed on the device.

  2. The device must be connected to the network when the lock command is executed.

  3. The user must approve the locking action.

  4. The organization must implement an acceptable use policy allowing device locking.

Correct Answer: A

Question No.29

What VPN feature allows traffic to exit the security appliance through the same interface it entered?

  1. hairpinning

  2. NAT

  3. NAT traversal

  4. split tunneling

Correct Answer: A

Question No.30

What VPN feature allows Internet traffic and local LAN/WAN traffic to use the same network connection?

  1. split tunneling

  2. hairpinning

  3. tunnel mode

  4. transparent mode

Correct Answer: A

Get Full Version of the Exam
210-260 Dumps
210-260 VCE and PDF

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.