CCNA Security Implementing Cisco Network Security

Here you have the best Cisco 210-260 practice exam questions

  • You have 134 total questions to study from
  • Each page has 5 questions, making a total of 27 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on November 16, 2024
Question 1 of 134

Which two services define cloud networks? (Choose two.)

    Correct Answer: A, D

    AB

    The diagram below depicts the Cloud Computing stack it shows three distinct categories within Cloud Computing: Software as a Service, Platform as a Service and Infrastructure as a Service.

    A simplified way of differentiating these flavors of Cloud Computing is as follows;

    ✑ SaaS applications are designed for end-users, delivered over the web

    ✑ PaaS is the set of tools and services designed to make coding and deploying those applications quick and efficient

    ✑ IaaS is the hardware and software that powers it all servers, storage, networks, operating systems

    Reference: https://support.rackspace.com/white-paper/understanding-the-cloud-computing-stack-saas-paas-iaas/

Question 2 of 134

In which two situations should you use out-of-band management? (Choose two.)

    Correct Answer: A, B

    Out-of-band management is used to access network devices in situations where standard in-band management methods are not available. This usually occurs when the network device fails to forward packets, making traditional network paths unusable, and when ROMMON (Read-Only Memory Monitor) access is required for low-level troubleshooting or recovery. Using out-of-band management ensures that administrators can still manage and control devices even if the control or data plane is not functioning properly.

Question 3 of 134

In which three ways does the TACACS protocol differ from RADIUS? (Choose three.)

    Correct Answer: A, B, C

    TACACS protocol differs from RADIUS in three key ways. Firstly, TACACS uses TCP to communicate with the Network Access Server (NAS), whereas RADIUS commonly uses UDP. Secondly, TACACS can encrypt the entire packet that is sent to the NAS, providing more comprehensive security compared to RADIUS, which only encrypts the password field. Thirdly, TACACS supports per-command authorization, allowing for more granular control of user actions during a session. These features make TACACS particularly well-suited for managing administrative access to network devices.

Question 4 of 134

According to Cisco best practices, which three protocols should the default ACL allow on an access port to enable wired BYOD devices to supply valid credentials and connect to the network? (Choose three.)

    Correct Answer: A, C, F

    To enable BYOD devices to provide valid credentials and connect to the network, the default ACL should allow BOOTP (which is part of DHCP for IP address assignment), DNS (for domain name resolution), and 802.1X (for network access control). BOOTP and DNS are essential for network configuration and communication, while 802.1X is a key protocol for authenticating devices in a wired network scenario.

Question 5 of 134

Which two next-generation encryption algorithms does Cisco recommend? (Choose two.)

    Correct Answer:

    Answer: A, F

    The following table shows the relative security level provided by the recommended and NGE algorithms. The security level is the relative strength of an algorithm. bits, the relative effort it would take to "beat"

    -bit symmetric key algorithm (without reduction or other attacks). The 128-bit security level is for sensitive information and the 192-bit level is for information of higher importance.

    Reference:

    http://www.cisco.com/c/en/us/about/security-center/next-generation-cryptography.html