QUESTION 21
What type of algorithm uses the same key to encrypt and decrypt data?
|
A. |
a symmetric algorithm |
|
B. |
an asymmetric algorithm |
|
C. |
a Public Key Infrastructure algorithm |
|
D. |
an IP security algorithm |
Correct Answer: A
QUESTION 22
Refer to the exhibit. How many times was a read-only string used to attempt a write operation?
|
A. |
9 |
|
B. |
6 |
|
C. |
4 |
|
D. |
3 |
|
E. |
2 |
Correct Answer: A
QUESTION 23
Refer to the exhibit. Which statement about the device time is true?
|
A. |
The time is authoritative, but the NTP process has lost contact with its servers. |
|
B. |
The time is authoritative because the clock is in sync. |
|
C. |
The clock is out of sync. |
|
D. |
NTP is configured incorrectly. |
|
E. |
The time is not authoritative. |
Correct Answer: A
QUESTION 24
How does the Cisco ASA use Active Directory to authorize VPN users?
|
A. |
It queries the Active Directory server for a specific attribute for the specified user. |
|
B. |
It sends the username and password to retrieve an ACCEPT or REJECT message from the Active Directory server. |
|
C. |
It downloads and stores the Active Directory database to query for future authorization requests. |
|
D. |
It redirects requests |
Correct Answer: A
QUESTION 25
Which statement about Cisco ACS authentication and authorization is true?
|
A. |
ACS servers can be clustered to provide scalability. |
|
B. |
ACS can query multiple Active Directory domains. |
|
C. |
ACS uses TACACS to proxy other authentication servers. |
|
D. |
ACS can use only one authorization profile to allow or deny requests. |
Correct Answer: A
QUESTION 26
Refer to the exhibit. If a supplicant supplies incorrect credentials for all authentication methods configured on the switch, how will the switch respond?
|
A. |
The supplicant will fail to advance beyond the webauth method. |
|
B. |
The switch will cycle through the configured authentication methods indefinitely. |
|
C. |
The authentication attempt will time out and the switch will place the port into the unauthorized state. |
|
D. |
The authentication attempt will time out and the switch will place the port into VLAN 101.< /p> |
Correct Answer: A
QUESTION 27
Which EAP method uses Protected Access Credentials?
|
A. |
EAP-FAST |
|
B. |
EAP-TLS |
|
C. |
EAP-PEAP |
|
D. |
EAP-GTC |
Correct Answer: A
QUESTION 28
What is one requirement for locking a wired or wireless device from ISE?
|
A. |
The ISE agent must be installed on the device. |
|
B. |
The device must be connected to the network when the lock command is executed. |
|
C. |
The user must approve the locking action. |
|
D. |
The organization must implement an acceptable use policy allowing device locking. |
Correct Answer: A
QUESTION 29
What VPN feature allows traffic to exit the security appliance through the same interface it entered?
|
A. |
hairpinning |
|
B. |
NAT |
|
C. |
NAT traversal |
|
D. |
split tunneling |
Correct Answer: A
QUESTION 30
What VPN feature allows Internet traffic and local LAN/WAN traffic to use the same network connection?
|
A. |
split tunneling |
|
B. |
hairpinning |
|
C. |
tunnel mode |
|
D. |
transparent mode |
Correct Answer: A
Free VCE & PDF File for Cisco 210-260 Real Exam
Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …