Vendor: Cisco Exam Code: 210-260 Exam Name: Implementing Cisco Network Security Q&As: 329 (324Q&As & 5 Labs)QUESTION 1 Which three ESP fields can be encrypted during transmission? (Choose three.) A. Security Parameter Index B. Sequence Number C. MAC Address D. Padding E. Pad Length F. Next Header Correct Answer: DEF Explanation QUESTION 2 What mechanism does asymmetric cryptography use to secure data? A. a public/private key pair B. shared secret keys C. an RSA nonce D. an MD5 hash Correct Answer: A Explanation QUESTION 3 Whit which type of Leyer 2 attack can you "do something" for one host: A. MAC spoofing B. CAM overflow.... Correct Answer: A Explanation QUESTION 4 Refer to the exhibit. How many times was a read-only string used to attempt a write operation? A. 9 B. 6 C. 4 D. 3 E. 2 Correct Answer: A Explanation QUESTION 5 Which feature allows a dynamic PAT pool to select the next address in the PAT pool instead of the next port of an existing address? A. next IP B. round robin C. dynamic rotation D. NAT address rotation Correct Answer: B Explanation QUESTION 6 Which label is given to a person who uses existing computer scripts to hack into computers lacking the expertise to write their own? A. white hat hacker B. hacktivist C. phreaker D. script kiddy Correct Answer: D Explanation QUESTION 7 When Cisco IOS zone-based policy firewall is configured, which three actions can be applied to a traffic class? (Choose three.) A. pass B. police C. inspect D. drop E. queue F. shape Correct Answer: ACD Explanation Explanation/Reference: 8bc994.shtml Zone-Based Policy Firewall Actions ZFW provides three actions for traffic that traverses from one zone to another: Drop -- This is the default action for all traffic, as applied by the "class class-default" that terminates every inspect-type policy-map. Other class-maps within a policy-map can also be configured to drop unwanted traffic. Traffic that is handled by the drop action is "silently" dropped (i.e., no notification of the drop is sent to the relevant end-host) by the ZFW, as opposed to an ACL's behavior of sending an ICMP "host unreachable" message to the host that sent the denied traffic. Currently, there is not an option to change the "silent drop" behavior. The log option can be added with drop for syslog notification that traffic was dropped by the firewall. Pass -- This action allows the router to forward traffic from one zone to another. The pass action does not track the state of connections or sessions within the traffic. Pass only allows the traffic in one direction. A corresponding policy must be applied to allow return traffic to pass in the opposite direction. The pass action is useful for protocols such as IPSec ESP, IPSec AH, ISAKMP, and other inherently secure protocols with predictable behavior. However, most application traffic is better handled in the ZFW with the inspect action. Inspect--The inspect action offers state-based traffic control. For example, if traffic from the private zone to the Internet zone in the earlier example network is inspected, the router maintains connection or session information for TCP and User Datagram Protocol (UDP) traffic. Therefore, the router permits return traffic sent from Internet-zone hosts in reply to private zone connection requests. Also, inspect can provide application inspection and control for certain service protocols that might carry vulnerable or sensitive application traffic.Audit-trail can be applied with a parameter-map to record connection/session start, stop, duration, the data volume transferred, and source and destination addresses. QUESTION 8 Which type of security control is defense in depth? A. Threat mitigation B. Risk analysis C. Botnet mitigation D. Overt and covert channels Correct Answer: A Explanation QUESTION 9 Which statement about a PVLAN isolated port configured on a switch is true? A. The isolated port can communicate only with the promiscuous port. B. The isolated port can communicate with other isolated ports and the promiscuous port. C. The isolated port can communicate only with community ports. D. The isolated port can communicate only with other isolated ports. Correct Answer: A Explanation QUESTION 10 Which statement about Cisco cert4sure.netACS authentication and authorization is true? A. ACS servers can be clustered to provide scalability. B. ACS can query multiple Active Directory domains. C. ACS uses TACACS to proxy other authentication servers. D. ACS can use only one authorization profile to allow or deny requests. Correct Answer: A Explanation ACSM-Certification Oracle Exam Questions





トライアンフが主催する経営者及び人事担当者様向けの人事・採用コンテンツ(セミナー及びトレーニング)です。東京 恵比寿のトライアンフ本社で、年間約100講座のセミナーを開催しています。講師陣にはトライアンフ代表取締役である樋口弘和をはじめ、弊社コンサルタントが担当し、最新の人事・採用トピックスを学習する講座、経営者や経営幹部向けの自社の人事戦略を考える双方向参加型講座、面接スキルや給与計算業務といった専門スキルを習得する実務者向け講座など、豊富なラインナップをご用意しています。




人事制度設計/評価制度/女性活躍推進/人事戦略 /組織診断/ワークライフバランス/報酬制度/新入社員研修 /人材マネジメント/内定者研修/ダイバーシティ/管理職研修












トライアンフでは、公開講座形式のセミナーのほかにもさまざまな企業研修メニューをご用意しています。 貴社の社内研修プログラムの企画立案と最適な講師選定・派遣、さらに実施後の効果測定までをコーディネートいたします。一般的な講義内容に加え、貴社のご要望を最大限に取り入れることができます。まずは事務局もしくは担当窓口までご連絡ください。詳しくはこちら【】をご覧ください。