Home > Share your CCNA Security Experience

Share your CCNA Security Experience

November 5th, 2015 Go to comments

Please share with us your experience after taking the CCNA Security 210-260 exam, your materials, the way you learned, your recommendations…

Comments (100) Comments
Comment pages
1 16 17 18 19 20 22 675
  1. Mary
    January 29th, 2020

    Passed with 96X,

    Thank you so much Bolo and Anton, God bless you more for the great work you did.

  2. Brizzio
    January 29th, 2020

    Hi, can anyone please show me the link to Anton´s dumps for 210-260 exam? Thanks!

  3. Sabonis
    January 29th, 2020

    I just simply could not resist anymore: people, if you are unable to read some tens of pages of a forum, how the heck are you preparing a whole certificate?

    Bolo, Anton and so many others, thanks so much. After reading the official guide, the 31 days, watching cbt nuggets (first time I dont like these guys) and pluralsight (great stuff there) and practicing with labs, just then you check this forum and keep preparing the exam, confirming this what you thought, getting answers to your doubts, debating…
    But some of you cannot even read some pages of a forum… Really, shame on you. And some even order Bolo, Anton (or whoever) to do something. To prepare a doc for them, to transform it to vce (really??), to search for them instead of doing it by themselves… Again, giant shame on you.

    I will take the exam soon after months learning and I wanted to thank all those who have created such community here. A learning community, with students, not with leeches. With people who wants to learn, not just to pass. So, Bolo and all the rest of people answering, adding, labbing… thanks.
    Maybe we will meet in a next cert preparation? Do you have any plans, guys?

  4. Marcus
    January 29th, 2020

    @Anton and @Bolo
    Many thanks

    Passed today 1000/1000
    All questions from the below link.

    Here’s the link to the lastest version of Anton’s file – remove spaces from it:
    drive . google . com / open?id = 131HL9-QF-KyRJSTZZ-W4ufQNIvUdOx58

  5. azarki
    January 29th, 2020

    @travis
    thank you for your answer

  6. Bolo
    January 29th, 2020

    @Sabonis
    Thank you.
    For now I don’t have any Cisco certs plans myself.

  7. Geudiel
    January 30th, 2020

    @Marcus, where can i find the labs for study?, i’m prepare the exam to 23 feb

  8. Anonymous
    January 30th, 2020

    Hi all,

    Mine CCNA r&s expire date on May… Is this good time to take CCNA security or Better to wait for new pattern exam after Feb 24th…. Pls help me on this….

  9. idrees
    January 30th, 2020

    hi guyz.
    please help me figure out the correct answer in these questions. thanks!
    Q1): Which two statements about hardware-based encryption are true? (Choose two)
    A. It is potentially easier to compromise than software-based encryption.
    B. It can be implemented without impacting performance.
    C. It is widely accessible.
    D. It is highly cost effective.
    E. It requires minimal configuration.
    Answer: is it B,E OR B,D

    Q2): What are two major considerations when choosing between a SPAN and a TAP when implementing IPS? (Choose two)
    A. the amount of bandwidth available
    B. the way in which dropped packets will be handled
    C. the type of analysis the IPS will perform
    D. whether RX and TX signals will use separate ports
    E. the way in which media errors will be handled
    Answer: A, C or A,B OR A,D

    Q3): How does the 802.1x supplicant communicate with the authentication server?
    A. The supplicant creates EAP packets and sends them to the authenticator, which translates them into RADIUS and forwards them to the authentication server.
    B. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
    C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into EAP and forwards them to the authentication server.
    D. The supplicant creates RADIUS packets and sends them to the authenticator, which encapsulates them into EAP and forwards them to the authentication server.
    Answer: B OR A

    Q4): Which three statements about host-based IPS are true? (Choose three)
    A. It can view encrypted files
    B. It can be deployed at the perimeter
    C. It uses signature-based policies
    D. It can have more restrictive policies than network-based IPS
    E. It works with deployed firewalls
    F. It can generate alerts based on behaviour at the desktop level.
    Answer: A, D, F OR A,B,D

    Q5): Which two statements about an IPS in tap mode are true? (Choose two.)
    A. It requires an synchronous routing configuration for full traffic analysis.
    B. The device forwards all traffic, regardless of its source or destination.
    C. It directly analyses the actual packets as they pass through the system.
    D. It can analyse events without impacting network efficiency.
    E. It is unable to drop packets in the main flow.
    Answer: D, E is this the correct choice?

    Q6): How can you mitigate DCE/RPC evasion techniques while allowing access to the DCE/RPC service?
    A. Update the IPS signature for HTTPS to validate DCE/RPC connections.
    B. Block suspicious hosts from DCE/RPC port 593.
    C. Tunnel DCE/RPC traffic through GRE.
    D. Configure the DCE/RPC preprocessor.
    Answer: D OR B?

  10. Shawn Murphy
    January 30th, 2020

    Congratulations!

    I passed my 210-260 exam with 960/1000 on 28/Jan/2020.

    I study the PassLeader 210-260 questions bank, all the questions in the test is word by word as PassLeader file.

    1 SIM: Connection less VPN, 4 questions as PassLeader, the same answers.
    D&D : Drag and drop the each port-security violation.
    1 new qustion: what is true about STP attack.

    I mainly learned the PassLeader 210-260 dumps (552q NEW version), all questions are available in PassLeader.

    Really helpful.

    P.S.

    Part of PassLeader 210-260 dumps are available here FYI:

    drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg

    (552q~~~NEW VERSION DUMPS Updated Recently!!!)

    Good luck, all!

    [copy that link and open it in your web browser]

  11. Shawn Murphy
    January 30th, 2020

    What’s more:

    Part of PassLeader 210-260 IINS new questions (FYI):

    [Get the download link at the end of this post]

    NEW QUESTION 546
    Which statement about TACACS+ is true?

    A. Passwords are transmitted between the client and server using MD5 hasing.
    B. TACACS_ is flexible than RADIUS because it separates all AAA into individual processes.
    C. TACACS_ is used for access to network resources more than administrator access to network devices.
    D. TACACS_ server listens UDP port 1813 for accounting.
    E. All data that is transmitted between the client and TACACS+ server is cleartext.

    Answer: C

    NEW QUESTION 547
    Which effect of the secure boot-image command is true?

    A. It configure the device to boot to the secure IOS image.
    B. It archives a secure copy of the device configuration.
    C. It archives a secure copy of the IOS image.
    D. It displays the status of the bootset.

    Answer: C

    NEW QUESTION 548
    Which two statements about an IPS in tap mode are true? (Choose two.)

    A. It requires an synchronous routing configuration for full traffic analysis.
    B. The device forwards all traffic, regardless of its source or destination.
    C. It directly analyzes the actual packets as they pass through the system.
    D. It can analyze events without impacting network efficiency.
    E. It is unable to drop packets in the main flow.

    Answer: BC

    NEW QUESTION 549
    How will a stateful firewall handle an inbound packet that it receives and cannot match in its state table?

    A. Passes the traffic.
    B. Drops the traffic.
    C. Broadcasts the traffic.
    D. Looks for an ACL, and acts based upon the ACL.

    Answer: C

    NEW QUESTION 550
    Which 802.1x component enforces the network access policy?

    A. authentication server
    B. authenticator
    C. RADIUS server
    D. supplicant

    Answer: A

    NEW QUESTION 551
    Drag and Drop
    Drag and drop the each port-security violation mode from the left onto the corresponding action on the right.

    Answer:

    NEW QUESTION 552
    ……

    Download more NEW PassLeader 210-260 dumps from Google Drive here:

    drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg

    (552q~~~NEW VERSION DUMPS Updated Recently!!!)

    Good luck, all!

    [copy that link and open it in your web browser]

  12. Bali
    January 30th, 2020

    Passed today, file still valid.

  13. Nick-2020
    January 30th, 2020

    Hi @Bolo

    How many simulation will be there in a exam? I saw only one sim in Antons file. Kindly suggest if only that sim is enough to practice in exam. Thank you very much for your all support as always

  14. Bolo
    January 30th, 2020

    @Nick-2020
    Only 1, the one form Anton’s file.

  15. travis
    January 30th, 2020

    @sky
    don’t be baffled! antons file is a compilation of the 4-5xx q dumps relevant q’s and thoroughly researched labed up to get the correct answers. Search back a few pages to see the efforts !

  16. Anonymous
    January 31st, 2020

    Hi Bolo

    Mine CCNA r&s expire date on May… Is this good time to take CCNA security or Better to wait for new pattern exam after Feb 24th…. Pls help me on this….

  17. CiscoNerd
    January 31st, 2020

    I converted Anton’s PDF to VCE. I just did the first 67 questions then 24 questions. Hope this helps someone. Remove the spaces and replace the xxx with w’s,

    https: //xxx.mediafire.com /file /sio76gdboegl0ne/67q.vce/file

    https: //xxx.mediafire.com /file /gn4ct0sl1e3v94e/24q.vce/file

  18. ZyLynn
    January 31st, 2020

    @Anton and @Bolo
    Many thanks.

    I Passed today 98x/1000
    All questions from Anton’s file. Still Valid.
    Total-67
    sim1- ASA-ASDM
    drag and drop- 2

  19. Atom
    January 31st, 2020

    Yesterday I pass with score 979 based on Anton file. THX Bro

  20. Bolo
    January 31st, 2020

    @Anonymous
    I’d do it before 23rd of February. If you wait, you will have to sit the new CCNA exam before your May date to recertify.

  21. ata
    January 31st, 2020

    Today Passed

    Thank you so much Bolo and Anton, God bless you….

  22. Alderson
    January 31st, 2020

    @Bolo @Anton,

    Do you mean only Anton’s file needs to review 67q and 24q? Thank you.

  23. Alderson
    January 31st, 2020

    @Marcus,

    Did you review only the Anton’s file? Thank you. I have an exam next week. I hope to pass using Anton’s PDF.

  24. Anonymous
    January 31st, 2020

    NEW QUESTION 546
    Which statement about TACACS+ is true?

    A. Passwords are transmitted between the client and server using MD5 hasing.
    B. TACACS_ is flexible than RADIUS because it separates all AAA into individual processes.
    C. TACACS_ is used for access to network resources more than administrator access to network devices.
    D. TACACS_ server listens UDP port 1813 for accounting.
    E. All data that is transmitted between the client and TACACS+ server is cleartext.

    Answer: C

    NEW QUESTION 547
    Which effect of the secure boot-image command is true?

    A. It configure the device to boot to the secure IOS image.
    B. It archives a secure copy of the device configuration.
    C. It archives a secure copy of the IOS image.
    D. It displays the status of the bootset.

    Answer: C

    NEW QUESTION 548
    Which two statements about an IPS in tap mode are true? (Choose two.)

    A. It requires an synchronous routing configuration for full traffic analysis.
    B. The device forwards all traffic, regardless of its source or destination.
    C. It directly analyzes the actual packets as they pass through the system.
    D. It can analyze events without impacting network efficiency.
    E. It is unable to drop packets in the main flow.

    Answer: BC

    NEW QUESTION 549
    How will a stateful firewall handle an inbound packet that it receives and cannot match in its state table?

    A. Passes the traffic.
    B. Drops the traffic.
    C. Broadcasts the traffic.
    D. Looks for an ACL, and acts based upon the ACL.

    Answer: C

    NEW QUESTION 550
    Which 802.1x component enforces the network access policy?

    A. authentication server
    B. authenticawdtor
    C. RADIUS server
    D. supplicant

    Answer: A

  25. Anonymous
    January 31st, 2020

    Q4): Which three statements about host-based IPS are true? (Choose three)
    A. It can view encrypted files
    B. It can be deployed at the perimeter
    C. It uses signature-based policies
    D. It can have mowdre restrictive policies than network-based IPS
    E. It works with deployed firewalls
    F. It can generate alerts based on behaviour at the desktop level.
    Answer: A, D, F OR A,B,D

  26. FranzD
    January 31st, 2020

    @Anonymous

    Its A D F.

    you wont be able to deploy Host based IPS at the perimeter as these types of IPS are installed on host machinesnas its name suggest.

  27. CiscoNerd
    February 1st, 2020

    I converted Anton’s PDF to VCE. I just did the first 67 questions then 24 questions. Hope this helps someone. Remove the spaces and replace the xxx with w’s,

    https: //xxx.mediafire.com /file /sio76gdboegl0ne/67q.vce/file

    https: //xxx.mediafire.com /file /gn4ct0sl1e3v94e/24q.vce/file

  28. flash
    February 1st, 2020

    i schedule my exam for 4/2/2020 this forum is really help me for my study thanks

  29. sh
    February 1st, 2020

    @Anonymous
    Are you mentally disabled? Why are you posting the same questions in Antons PDF with the totally WRONG answers!

  30. Sky
    February 1st, 2020

    @Bolo @Travis
    Thx for the response! You wouldnt know on which page the “older” questions are? I think ill look over them for my own interest.

  31. Anonymous
    February 1st, 2020

    Anton 100%

  32. instinct
    February 1st, 2020

    anyone took the exam today?

  33. Anonymous
    February 1st, 2020

    yes, 979. Like I said, Anton 100%

  34. Anonymous
    February 1st, 2020

    997*

  35. instinct
    February 1st, 2020

    cool! thanks @Anonymous!

  36. Alderson
    February 2nd, 2020

    @CiscoNerd,

    Thanks for converting to the VCE format. Do you have an updated VCE player compatible with your converted VCE file? Thank you.

    @Bolo @Anton,

    Resend: Do you mean only Anton’s file needs to review 67q and 24q? Thank you.

  37. Bolo
    February 2nd, 2020

    @everyone
    Anton’s file is the only resource needed to pass CCNA Security exam – as of now. We worked on questions for months, corrected everything by research, labbing and reading the tech docs. People are getting 1000pts scores on the exam using Anton’s file.

    That’s it – get Anton’s file, learn it and go pass your exam.

  38. Bolo
    February 2nd, 2020

    @Sky
    254

  39. EM
    February 3rd, 2020

    Hey guys, how many questions does Anton’s file have, just asking to make sure i have the correct file because i’m new here i’m sorry…

  40. instinct
    February 3rd, 2020

    @EM

    wasnt able to count but the last question should be a drag and drop that is regarding NIPS and HIPS

  41. Alderson
    February 3rd, 2020

    @Bolo,

    Thank you so much!

  42. Graham Johnson
    February 3rd, 2020

    Congratulations!

    I passed my 210-260 exam with 960/1000 on 31/Jan/2020.

    I study the PassLeader 210-260 questions bank, all the questions in the test is word by word as PassLeader file.

    1 SIM: Connection less VPN, 4 questions as PassLeader, the same answers.
    D&D : Drag and drop the each port-security violation.
    1 new qustion: what is true about STP attack.

    I mainly learned the PassLeader 210-260 dumps (552q NEW version), all questions are available in PassLeader.

    Really helpful.

    P.S.

    Part of PassLeader 210-260 dumps are available here FYI:

    drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg

    (552q~~~NEW VERSION DUMPS Updated Recently!!!)

    Good luck, all!

    [copy that link and open it in your web browser]

  43. Graham Johnson
    February 3rd, 2020

    And,

    What’s more:

    Part of PassLeader 210-260 IINS new questions (FYI):

    [Get the download link at the end of this post]

    NEW QUESTION 546
    Which statement about TACACS+ is true?

    A. Passwords are transmitted between the client and server using MD5 hasing.
    B. TACACS_ is flexible than RADIUS because it separates all AAA into individual processes.
    C. TACACS_ is used for access to network resources more than administrator access to network devices.
    D. TACACS_ server listens UDP port 1813 for accounting.
    E. All data that is transmitted between the client and TACACS+ server is cleartext.

    Answer: C

    NEW QUESTION 547
    Which effect of the secure boot-image command is true?

    A. It configure the device to boot to the secure IOS image.
    B. It archives a secure copy of the device configuration.
    C. It archives a secure copy of the IOS image.
    D. It displays the status of the bootset.

    Answer: C

    NEW QUESTION 548
    Which two statements about an IPS in tap mode are true? (Choose two.)

    A. It requires an synchronous routing configuration for full traffic analysis.
    B. The device forwards all traffic, regardless of its source or destination.
    C. It directly analyzes the actual packets as they pass through the system.
    D. It can analyze events without impacting network efficiency.
    E. It is unable to drop packets in the main flow.

    Answer: BC

    NEW QUESTION 549
    How will a stateful firewall handle an inbound packet that it receives and cannot match in its state table?

    A. Passes the traffic.
    B. Drops the traffic.
    C. Broadcasts the traffic.
    D. Looks for an ACL, and acts based upon the ACL.

    Answer: C

    NEW QUESTION 550
    Which 802.1x component enforces the network access policy?

    A. authentication server
    B. authenticator
    C. RADIUS server
    D. supplicant

    Answer: A

    NEW QUESTION 551
    Drag and Drop
    Drag and drop the each port-security violation mode from the left onto the corresponding action on the right.

    Answer:

    NEW QUESTION 552
    ……

    Download more NEW PassLeader 210-260 dumps from Google Drive here:

    drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg

    (552q~~~NEW VERSION DUMPS Updated Recently!!!)

    Good luck, all!

    [copy that link and open it in your web browser]

  44. CiscoNerd
    February 3rd, 2020

    @ Alderson below is the VCE software that I used. Its the 3rd link, just remove the spaces.

    I converted Anton’s PDF to VCE. I just did the first 67 questions then 24 questions. Hope this helps someone. Remove the spaces and replace the xxx with w’s,

    https: //xxx.mediafire.com /file /sio76gdboegl0ne/67q.vce/file

    https: //xxx.mediafire.com /file /gn4ct0sl1e3v94e/24q.vce/file

    https: //xxx..mediafire.com/file / es1ken5n13mv6fr/Avanset_VCE_Exam_Simulator_Pro_1.1.6_+_Crack_-_Windows_Only.zip/file

  45. Anonymous
    February 3rd, 2020

    NEW QUESTION 546
    Which statement about TACACS+ is true?

    A. Passwords are transmitted between the client and server using MD5 hasing.
    B. TACACS_ is flexible than RADIUS because it separates all AAA into individual processes.
    C. TACACS_ is used for access to network resources more than administrator access to network devices.
    D. TACACS_ server listens UDP port 1813 for accounting.
    E. All data that is transmitted between the client and TACACS+ server is cleartext.

    Answer: C

    NEW QUESTION 547
    Which effect of the secure boot-image command is true?

    A. It configure the device to boot to the secure IOS image.
    B. It archives a secure copy of the device configuration.
    C. It archives a secure copy of the IOS image.
    D. It displays the status of the bootset.

    Answer: C

    NEW QUESTION 548
    Which two statements about an IPS in tap mode are true? (Choose two.)

    A. It requires an synchronous routing configuration for full traffic analysis.
    B. The device forwards all traffic, regardless of its source or destination.
    C. It directlyre analyzes the actual packets as they pass through the system.
    D. It can analyze events without impacting network efficiency.
    E. It is unable to drop packets in the main flow.

    Answer: BC

    NEW QUESTION 549
    How will a stateful firewall handle an inbound packet that it receives and cannot match in its state table?

    A. Passes the traffic.
    B. Drops the traffic.
    C. Broadcasts the traffic.
    D. Looks for an ACL, and acts based upon the ACL.

    Answer: C

    NEW QUESTION 550
    Which 802.1x component enforces the network access policy?

    A. authentication server
    B. authenticator
    C. RADIUS server
    D. supplicant

    Answer: A

  46. Copy link and paste in your browser
    February 3rd, 2020

    Passed

    1 SIM: Connection less VPN, 4 questions
    D&D : Drag and drop the each port-security violation.
    1 new qustion: what is true about STP attack.

    Copy link and paste in your browser
    redirect.is/rdfbrg

  47. Anonymous
    February 3rd, 2020

    NEW QUESTION 548
    Which two statements about an IPS in tap mode are true? (Choose two.)

    A. It requires an synchronous routing configuration for full traffic analysis.
    B. The device forwards all traffic, regardluess of its source or destination.
    C. It directlyre analyzes the actual packets as they pass through the system.
    D. It can analyze events without impacting network efficiency.
    E. It is unable to drop packets in the main flow.

    Answer: BC….

  48. Bruno
    February 3rd, 2020

    I just passed today. I encountered around 10 questions not inside Anton’s file

    I can only remember a question regarding Cisco UCS, the question is something like, what is the benefit of using Cisco UCS. can’t really remember, sorry to all

  49. helpo
    February 3rd, 2020

    question to Bruno

    first, congratulations,

    second, are the 10 new other questions difficult !! me i will pass tomorrow

    thanks

  50. Bolo
    February 3rd, 2020

    @Bruno
    Grats. If you recall anything more, post here please.

    UCS is server hardware from Cisco and questions about it are from CCNA Datacenter – not sure why would it appear on CCNA Security exam. For example, from CCNA DC exam:
    What is a key benefit of using Cisco UCS C-Series servers instead of Cisco UCS B-Series servers?

  51. nick-2020
    February 3rd, 2020

    @Bolo

    what is the exact answer for below question because someone said its B and someone said its C

    Which statement about TACACS+ is true?

    A. Passwords are transmitted between the client and server using MD5 hasing.
    B. TACACS_ is flexible than RADIUS because it separates all AAA into individual processes.
    C. TACACS_ is used for access to network resources more than administrator access to network devices.
    D. TACACS_ server listens UDP port 1813 for accounting.
    E. All data that is transmitted between the client and TACACS+ server is cleartext.

    Answer: C

  52. David-255
    February 3rd, 2020

    @Bolo and @ Anton

    Im really sorry for the stupid question but your answer would help me a lot for my exam which is tomorrow. Do we need to click on every steps on the simulation or just answering the question is enough? Im just worried for the exam because the simulation is so confusing. Thank you and sorry for my stupid question. Thank you

  53. Adam
    February 3rd, 2020

    @Bolo

    which one is connection less VPN simulation? I couldnt find. Please help me

  54. @adam&David
    February 3rd, 2020

    @David: You just want to do the exam by heart. Shame on you. You cannot even try to understand one single simple aspect of ASA you were warned about…
    @Adam: You even didn’t try.

  55. Bolo
    February 3rd, 2020

    @David-255
    You have to answer questions. I am not sure if the exam engine actually checks if you visited correct parts of the user interface to check configuration for the answer.

    @Adam
    The one in Anton’s file. It’s “clientless” BTW.

    @nick-2020
    Nothing changed since yesterday, the answer is in Anton’s file. Two times even.

  56. Damian
    February 3rd, 2020

    Hello all,

    I´m studiying the exam and I have a question. For the drag and drop about security violations.

    Which one sends an SNMP trap and wich one does not notifies?

    Restrict? Protect?

  57. Moha
    February 3rd, 2020

    @Damian
    Restrict send notification
    protect doesn’t send notification

  58. Moha
    February 3rd, 2020

    Did anyone have any idea about the new questions ? topics could help

  59. Damian
    February 3rd, 2020

    @Moha thanks a bunch for your quick answer!!!

  60. Bolo
    February 3rd, 2020

    @Moha
    The person who mentioned new questions only said something about UCS, which is more Datacenter than Security question. So we’ll have to wait to see if there really are any new questions.

  61. Cisco
    February 3rd, 2020

    Guys, I’ve just passed my exam and @Bruno is absolutely right. I think there were 15 new questions and some of the questions on Anton’s files were changed\twisted so be very careful. Read the questions carefully before answering them. Some of the topics where the question changed were with TACACS+, IPS and Site 2 Site VPN.

    You can still pass the exams using Anton’s files cos I still managed to pass the exam and to my surprise, I scored 938.

    It was also stated before starting the exam that some of the questions will not be scored as they were being used for testing purposes so I guess that also helped.

    Good Luck.

  62. Krish
    February 3rd, 2020

    Does anyone know how much mark is for drag and drop, ASDM SIM, MCQ.

  63. Peter
    February 3rd, 2020

    @ Cisco
    what about the simulation? is the simulation same as in Anton’s file or different than that?

  64. Leena
    February 3rd, 2020

    @Cisco

    I think you didnt see the latest version Anton’s file. I passed the exam today with 96x/1000. Everything was from his file. I really appreciate the hardwork of Bolo and Anton. Big thanks for them and others who helped us here in forum. God bless you all and good luck for those who are preparing for their exam

  65. Cisco
    February 3rd, 2020

    @Peter
    The simulation was the same as it was in Anton’s file and the DnD was about Port Security, which is also in the file. Good Luck!

  66. Peter
    February 3rd, 2020

    @Cisco
    Thank you very much for your quick reply. It will help me a lot to prepare for my exam which is tomorrow. I am bit nervous. I will share my result tomorrow evening. Wish me a luck.

  67. Cisco
    February 3rd, 2020

    @Leena

    If that’s the case, then thanks for the update :)

    There you go guys, pls make sure you get the updated version to Anton’s file. I’m sure you will find the link somewhere within the previous comments. Good Luck!

    @Peter
    Good luck!!

  68. Peter
    February 3rd, 2020

    @Bolo @ Anton @ Cisco

    Could you please answer me for below question?
    Which two problems can arise when a proxy firewall serves as the gateway between networks?
    (Choose two)
    A. It can cause reduced throughput.
    B. It is unable to prevent direct connections to other networks.
    C. It can prevent content caching.
    D. It is unable to provide antivirus protection.
    E. It can ktrtf application support.(I dont know what does ktrtf means?)

  69. Anonymous
    February 3rd, 2020

    for those who dont have VCE to practice exam. just remove the spaces and replace aaa with www
    https: // aaa.examtopics. com/ exams /cisco/210-260/view/25/

  70. Peter
    February 3rd, 2020

    What does ASA Transparent mode support?
    A. It supports OSPF.
    B. It supports the use dynamic NAT.
    C. IP for each interface.
    D. Requires a management IP address
    correct answer is “D”

    reference

    https:/ / ipwithease . com / configuring- cisco- asa-i n- transparent- mode/

  71. Bolo
    February 3rd, 2020

    @Peter
    Question is about what does transparent mode support (dynamic NAT is supported in transparent mode), not what is required by one of its features (bridge groups require IP address for BVI).

  72. Bolo
    February 3rd, 2020

    @Peter
    About proxy firewall question – BCD are wrong. So AE? ktrtf can prolly mean ‘limit’ – that would make sense.

  73. securitas
    February 3rd, 2020

    Hi guys,

    A member of this forum did the exame today and shared with us what he recalled from new questions:


    + regarding how you would set up an ike tunnel for cisco ios
    + isakmp_qm_ready isakmp_idle isakmp_qm_idle
    + difference bet radius and tacacs. the choices were diff from anton i just chose the best answer for me.
    + there were out of this world question regarding IPS that i cant remember coz i got rattled
    + where is file reputation in cisco amp being executed
    – perimeter
    – endpoint
    – esa
    – cloud

    + how does an Antimalware installed on an endpoint check for a malicious file
    – file reputation
    – signature checking
    -context
    – sandboxing

    Cheers

  74. Peter
    February 4th, 2020

    @Bolo

    Thank you my friend for quick response. I really appreciate it.

  75. Suppy
    February 4th, 2020

    @Bolo @Anton
    Question 291
    Which type of address translation should be used when cisco asa is in transparent mode?
    A.static nat
    B.dynamic nat
    C.overload
    D.dynamic pat

    The answer is A on Anton’s file but im confused as asa on transparent mode supports dynamic nat right?

  76. Tut
    February 4th, 2020

    This Friday marks 2 weeks to the date that this site will be closed forever as the 210-260 exam retires!

    Good Luck Everyone

  77. Moha
    February 4th, 2020

    @Bolo
    thanks for your reply

    @securitas
    *-Qm_Idle is for ios isakmp for phase 1 up AM_Active/MM_Active for ASA
    *- AMP checks file reputation on cloud-based intelligence network , but i don;t know if there is other ways/ better ways.
    source: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/210534-Configuring-static-File-Reputation-host.html
    *anti malware monitor the behavior of a file or use sandbox to isolate suspicious files

  78. Copy link and paste in your browser
    February 4th, 2020

    passed my exam 210-260 and get 978

    1 SIM: Connection less VPN
    D&D : Drag and drop the each port-security violation

    Copy link and paste in your browser
    poweredbydialup.online/WV4VYT

  79. Anonymous
    February 4th, 2020

    Could you please answer me for below question?
    Which two problems can arise when a proxy firewall serves as the gateway between networks?
    (Choose two)
    A. It can cause reduced throughput.
    B. It is unable to prevent direct connections to other networks.
    C. It can prevent content caching.
    D. It is unable to provide antivirus protection.
    E. It can ktrtf application support.(I dont know what does ktrtf means?)……

  80. Giu
    February 4th, 2020

    @Suppy
    In what version of Anton’s file you found this question? In the last version (1.3) there isn’t!

  81. Sabah
    February 4th, 2020

    passed yesterday with 944 , anton’s file still valid

  82. Bolo
    February 4th, 2020

    @Suppy, Giu
    Both static and dynamic NAT is supported in transparent mode. They serve different purposes, so the question saying “should be used” makes no sense. It is prolly incorrectly copied question, that appeared differently on the exam.
    And if it’s not in Anton’s file, it means it does not appear anymore – so there’s no need to worry about it.

    @Sabah
    Grats, thanks for the info.

  83. Moha
    February 4th, 2020

    @all
    Anyone took the exam today, can confirm or update the new questions.

  84. Peter
    February 4th, 2020

    I passed exam today 9xx/1000

    I would like to thanks @Bolo @Anton for their true support and hard work. They have helped everyone for free. I got 67 questions and 50 of them are from Anton’s file and 17 are the new questions but I found new questions are not that difficult. I don’t remember new questions but I will try my best to remember and I promise to share everyone if I got any of them. I wish good luck to everyone who is preparing for the exam.

  85. Curious
    February 4th, 2020

    @Bolo @ Anton

    Do you guys have latest dump for CCNP Route and CCNP Switch? Please help me if you have

  86. Moha
    February 4th, 2020

    @peter
    so did you find any questions from the below or do they remind you of questions ?
    regarding how you would set up an ike tunnel for cisco ios
    + isakmp_qm_ready isakmp_idle isakmp_qm_idle
    + difference bet radius and tacacs. the choices were diff from anton i just chose the best answer for me.
    + there were out of this world question regarding IPS that i cant remember coz i got rattled
    + where is file reputation in cisco amp being executed
    – perimeter
    – endpoint
    – ESA
    – cloud

    + how does an Antimalware installed on an endpoint check for a malicious file
    – file reputation
    – signature checking
    – context
    – sandboxing

  87. David_CCNP
    February 4th, 2020

    Hi all,

    I have CCNP R&S, i had decided to take CCNP Security cert a while ago therefore I intended to take CCNA Security exam. But you know cisco has changed the format.

    At this point;

    If I pass the CCNA security, will i have advantage for the new CCNP Security?
    I have been studying for the CCNA security exam for two weeks, still should i take the exam?

    What are your opinions, thanks in advance.

    Regards…

  88. dredv
    February 4th, 2020

    morons from testcenter changing questions 2 Weeks before exam end…unbelievable.
    @securitas, Peter, Sabah or who else did the test in last days…
    @”+ regarding how you would set up an ike tunnel for cisco ios”

    i found this old question in PL, was it in the exam like this?

    Refer to the exhibit.
    —————————–
    | crypto ikev1 policy1
    | encryption aes
    | hash md5
    | authentication pre-shared
    | group 2
    | lifetime 14400
    —————————-
    What is the effect of the given command sequence?
    *A. It configures IKE Phase 1
    B. It configures a site-to-site VPN Tunnel
    C. It configures a crypto policy with a key size of 14400
    D. It configures IPSec Phase 2

  89. dredv
    February 4th, 2020

    @”+ difference bet radius and tacacs. the choices were diff from anton i just chose the best answer for me.”
    also here some old questions….
    In which three ways does the TACACS protocol differ from RADIUS? (Choose three)
    *A. TACACS uses TCP to communicate with the NAS
    *B. TACACS can encrypt the entire packet that is sent to the NAS
    C. TACACS authenticates and authorizes simultaneously, causing fewer packets to be transmitted
    D. TACACS uses UDP to communicate with the NAS
    E. TACACS encrypts only the password field in an authentication packet
    *F. TACACS support per-command authorization

  90. dredv
    February 4th, 2020

    and this one
    Which three ways does the RADIUS protocol differ from TACACS?? (Choose three)
    *A. RADIUS authenticates and authorizes simultaneously. Causing fewer packets to be transmitted
    *B. RADIUS encrypts only the password field in an authentication packets
    C. RADIUS can encrypt the entire packet that is sent to the NAS
    *D. RADIUS uses UDP to communicate with the NAS
    E. RADIUS uses TCP to communicate with the NAS
    F. RADIUS support per-command authentication

  91. helpo xx
    February 5th, 2020

    Guys,
    i passed the exam this morning
    score 93x/1000
    the same simulation ASDM , and the same questions + the same responses
    the same drag and drop from antone file
    67 questions – 55 from Antone file , but i had 12 new questions, which are not in antone file , one of them about UCS some thing like that, for this reason i lost the 60 points, because of these 12 new questions, some of theme are difficult
    good luck guys

  92. Peter
    February 5th, 2020

    @Moha

    Yes the new questions are some how you mentioned as below
    + isakmp_qm_ready isakmp_idle isakmp_qm_idle
    + difference bet radius and tacacs. the choices were diff from anton i just chose the best answer for me.
    + there were out of this world question regarding IPS that i cant remember coz i got rattled
    + where is file reputation in cisco amp being executed
    – perimeter
    – endpoint
    – ESA
    – cloud

    + how does an Antimalware installed on an endpoint check for a malicious file
    – file reputation
    – signature checking
    – context
    – sandboxing

    and one question about UCS. But I believe Anton’s file is enough to pass the exam

  93. CATS
    February 5th, 2020

    New Question

    1) Where is File Reputation in Cisco AMP being executed?

    A. Perimeter
    B. Endpoint
    C. ESA
    D. Cloud

    Answer: C maybe D

    “File Reputation captures a fingerprint of each file as it traverses the ESA and sends it to AMP’s cloud-based intelligence network for a reputation verdict”

    The verdict comes from the cloud but maybe the execution of this process happens on the ESA

  94. CATS
    February 5th, 2020

    New Question

    1) how does an Antimalware installed on an endpoint check for a malicious file?

    A. file reputation
    B. Signature checking
    C. Context
    D. Sandboxing

    Answer: B

  95. Moha
    February 5th, 2020

    @CATS
    AMP is a solution for firepower and ESA and other clients so if ESA correct endpoints would be correct too ?

    also for Anti malware AMP is advanced malware protection so it checks for file reputation and if it’s unknown the threat grid put the file in sandbox and rate it.
    https:// www .youtube. com/ watch?v=ZDBMH7X4Dr4

  96. Daniel Smith
    February 5th, 2020

    Hi Guys,

    Was anybody at the exam today? What were the new questions?

    Thanks,
    Dan

  97. Anonymous
    February 5th, 2020

    Hi guys,

    One question regarding sims in ASDM. Do they require you to use wizards or configure stuff manually? Or you can pick the way? Thx in advance.

  98. securitas
    February 5th, 2020

    Regarding the following questions:

    1.Where is file reputation in cisco amp being executed
    a)perimeter
    b)endpoint
    c)esa
    d)cloud

    Ans:
    As per Cisco official doc, “File reputation: AMP for Endpoints contains a comprehensive database of every file that has ever been seen and a corresponding good or bad disposition. As a result, known malware is quickly and easily quarantined at the point of entry without any processor-intensive scanning.”

    So answer is b) endpoint.

    2.How does an Antimalware installed on an endpoint check for a malicious file
    a)file reputation
    b)signature checking
    c)context
    d)sandboxing

    Ans:
    Again, from Cisco docs: “AMP for Endpoints will automatically identify executables that exist in low numbers across your endpoints and analyze those samples in our cloud-based sandbox to uncover new threats. Targeted malware or advanced persistent threats will often fly under the radar and start on only a few endpoints”.
    The antivirus uses local database for signature checking as well.

    So for me this question seems more like a semantics/interpretation thing. What do they mean by “check”? If it is to do an analysis on a selected type of file, or suspicious file, I’d say answer d) from Cisco doc. If they refer to the general detection mechanism, I’d say c) context.

    Please let me know your thoughts. Thanks.

  99. Bolo
    February 5th, 2020

    @securitas
    File Reputation is executed in the cloud. Endpoints send files for analysis to the cloud-based service.

    Most of anti-malware software installed on endpoints uses signature checking (or pattern-matching as they sometimes call it) and heuristic analysis.

  100. Krish
    February 5th, 2020

    Is SIM is same as Anton file right , no change in exam right? Can anyone confirm that.


  101. Note: Please do not open any suspicious links (especially short links and links that need to remove some words to open) in the comment section above as they are usually spams and may harm your computer.
Comment pages
1 16 17 18 19 20 22 675
Add a Comment