Share your CCNA Security Experience
November 5th, 2015
Go to comments
Please share with us your experience after taking the CCNA Security 210-260 exam, your materials, the way you learned, your recommendations…
Please share with us your experience after taking the CCNA Security 210-260 exam, your materials, the way you learned, your recommendations…
Become a member to practice all the questions on our site!
@Pinokio Yes,available in PDF and VCE formats
Guys,
Who has the new 20 questions?
I have failed with 755 score
@MrTantuni what MCQ are included? Does it have MCQ from C0achGreece?
@MrTantuni
tell us about your exam what dump you review **********
Is any one have dump ccna security 210-260 plz send me to ephremalemu @gmail.com
HELLO !
2 PASSED TODAY ==> They use dump with 931 questions dump.
♥♥ (Updated on 9th October with new questions) ♥♥
Download link : rb.gy/1360ca
@ Ebrahem IS FAKE FAKE FAKE FAKE FAKE
@ Ebrahem IS FAKE FAKE FAKE FAKE FAKE
@misou and @misou
I worked with passleader dump. Most answers are wrong and I have seen 20 new questions that i havent seen anywhere before.
There is a drop and drag about vlans and shutdowns. I reviewed C0achGreece dump after the exam but still there a lot new questions guys. I am not sure what they did on the October update.
We need new updated dump
@ EBS_CCNA_Security younare right
@ EBS_CCNA_Security younare right
Guys what will be the correct answer of below question, as dumps shows A
Which statement about the communication between interfaces on the same security level is
true?
A. Interfaces on the same security level require additional configuration to permit interinterface
communication.
B. Configuring interfaces on the same security level can cause asymmetric routing.
C. All traffic is allowed by default between interfaces on the same security level.
D. You can configure only one interface on an individual security level.
Answer: A
ZDA, Answer A is correct.
same-security-traffic command
To permit communication between interfaces with equal security levels, or to allow traffic to enter and exit the same interface, use the same-security-traffic command in global configuration mode. To disable the same-security traffic, use the no form of this command.
same-security-traffic permit {inter-interface | intra-interface}
no same-security-traffic permit {inter-interface | intra-interface}
link: https://www.cisco.com/c/en/us/td/docs/security/asa/asa82/command/reference/cmd_ref/s1.html
@ zda
Correct is A.
Securiry level interface standard values
Inside 100
DMZ 50
Outside 0
@ MrTantuni
Thank you for shared your experience.
I’m worried about this atualization too.
Someone have this new question please?
Thanks for your help @ CCNP R&S AND EBS_CCNA_SECURITY
Hello,
Passed today with 898, I studied Coachgreece questions, but I also did CBT nuggets from Keith Baker and 31 days before ccna security exam book. There were a lot of new questions and 1 different multiple choice about port security.
@ GAG_09 good
are you remember about what new question ???
HELLO !
1 PASSED TODAY ==> They use dump with 931 questions dump.
NEW UPDATES ♥♥ (Updated on 22th October with new questions) ♥♥
Download link : rb.gy/1360ca
@ GAG_09 what dump do you use?
do you remember about new questions?
2.Which three statements about host-based IPS are true? (Choose three)
A. It can view encrypted files —> IPS cannot see encr packets, right?
B. It can be deployed at the perimeter
C. It uses signature-based policies
D. It can have more restrictive policies than network-based IPS
E. It works with deployed firewalls
F. It can generate alerts based on behavior at the desktop level.
3.If a router configuration includes the lineaaa authentication login default group tacacs+ enable, which events will occur when the TACACS+ server returns an error? (Choose two.)
A. The user will be prompted to authenticate using the enable password
B. Authentication attempts to the router will be denied
C. Authentication will use the router`s local database
D. Authentication attempts will be sent to the TACACS+ server
4.Which of encryption technology has the broadcast platform support to protect operating systems?
A. Middleware
B. Hardware
C. software
D. file-level
5.Which technology can be used to rate data fidelity and to provide an authenticated hash for data?
A. Network blocking
B. signature updates
C. file analysis
D. file reputation
6.Your security team has discovered a malicious program that has been harvesting the CEO’s email messages and the company’s user database for the last 6 months. What type of attack did your team discover?
A. social activism
B. drive-by spyware
C. targeted malware
D. advance persistent threat
E. Polymorphic virus
7.What is the benefit of web application firewall?
A. It accelerate web traffic
B. It blocks know vulnerabilities without patching applications
C. It supports all networking protocols.
D. It simplifies troubleshooting
8.In which three cases does the ASA firewall permit inbound HTTP GET requests during normal operations? (Choose three)
A. When matching ACL entries are configured
B. when matching NAT entries are configured
C. When the firewall requires hstrict HTTP inspection
D. When the firewall requires HTTP inspection
E. When Firewall Recieves a FIN packet
F. When the firewall already has a TCP connection
3.If a router configuration includes the lineaaa authentication login default group tacacs+ enable, which events will occur when the TACACS+ server returns an error? (Choose two.)
A. The user will be prompted to authenticate using the enable password
B. Authentication attempts to the router will be denied
C. Authentication will use the router`s local database
D. Authentication attempts will be sent to the TACACS+ server
4.Which of encryption technology has the broadcast platform support to protect operating systems?
A. Middleware
B. Hardware
C. software
D. file-level
Can someone please share the updated dumps
someone have 20 new questions??
Passed using the same dump
983/1000
@jack, which dump you have used?
Prepare for the best CCNA exam and pass the exam. Free updates, any updates will be sent to you in the first time, to ensure that you are using the latest dump to take the exam. Make sure the exam passes. All questions and answers come from the real exam. After the actual test, the questions are accurate and effective, and 100% pass the CCNA exam. There are also CCNP exam questions and answers, which guarantee the test results.
https://www.cnet.com/forums/discussions/win10-i-need-your-help-i-hope-to-solve-my-problem/
afdafa IS FAKE FAKE FAKE FAKE
afdafa IS FAKE FAKE FAKE FAKE
Someone have the 210-260 new update oct 2019 dump?
@jack, which dump you have used? ****************
Passed just now. Over 920.
All questions from couchgreece you must know! 90% if not more.
I think around 10 new questions, hell no new 20!! What I remember now:
1. What type of malware spread and infects: bot, trojan, virus, worm, backdoor. Choose 2x.
2. What is OS od Cisco Esa?
3. Drag and drop new. Learn what protect, restrict, shutdown and shutdown vlan does. Its easy to match. this is in cisco book I found.
4. What does ISP does when receive a package. 2x to choose. Like will drop it, will send with no modification, etc
5. What are advantages of TACACS OVER radius? Three to choose. There are new to choose.
6. Question about authentication 801.x methods.
7. When using cisco cloud web protection, when proxy scanning is skipped. When connected to wired connection, when connected using wpa2 connection, when connected to corporate network, when connected via vpn with proxy scanning skipped service.
Maybe 2-3 more I cant remember now, but will think and write more today.
I strongly suggest to schedule it asap.
Sorry for gramar mistakes, but was typing quickly before I forget
8. What does command secure boot-image does. Choose one of 4. Saves a secure ios, boots reputer to secure ios and two more.
9. Something like what does STP PREVENTS: to choose there was like: attacker creates root bridge, attacker modify something,
10. There was a question about dhcp command outpoot and proper answer was ip dhcp snooping
I hope this will help someone as those are only new questions I had
This is for new D&D.
•protect—The PFC drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.
•restrict—The PFC drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the security violation counter to increment.
•shutdown—Puts the interface into the error-disabled state immediately and sends an SNMP trap notification
@ MyFakeName
thank you so muuuuuuuuuuuuuuuuuuuuuuch
@ MyFakeName thnak you so much
@MyFakeName
Do you have marked your questions equal C0achGreece? or followed Alex comments?
This comments ==>>
“alexAugust 20th, 2019
Wondering,
Not claiming absolute authority, but my answers to the questions from C0achGreece pdf are:
Q09: B
Explanation: sandboxing is in no way a standard action for the antivirus, it’s advanced AMP functionality, whereas B is what general antiviruses do.
Q26: BE
Q39: C
Q43 (not sure but): BC
Q44: B (100%)
Q56: A (100%)
Q63: C (B makes no sense in that context. C does)
Q65: C (in order to recognize applications on L7 of the OSI, firewall needs to perform deep (it’s deep because firewall needs to dig all the way up to L7 rather than usual L3/L4) packet inspection)
Good luck.”
Anyone who need 100% valid dump almost free
aabinusalk at Gmail dot com
I have followed the updated answers. Looks like it was correct :) Already deleted all materials, so can’t review it back.
@MyFakeName
Ok.
Do tou followed Alex comments?
Passed the exam today, with highest score 961/1000.
– advantages of the on-premise MDM
– OS of Cisco ESA
– secure boot-image
– STP
– command about ip dhcp snooping error
Without 2 star***
https:/**/drive.google.com/open?id=1DtQvYi0Hzz29pDLX-F1T4qBYb_WquSt1
1. What type of malware spread and infects: bot, trojan, virus, worm, backdoor. Choose 2x.
2. What is OS od Cisco Esa?
3. Drag and drop new. Learn what protect, restrict, shutdown and shutdown vlan does. Its easy to match. this is in cisco book I found.
4. What does ISP does when receive a package. 2x to choose. Like will drop it, will send with no modification, etc
5. What are advantages of TACACS OVER radius? Three to choose. There are new to choose.
6. Question about authentication 801.x methods.
7. When using cisco cloud web protection, when proxy scanning is skipped. When connected to wired connection, when connected using wpa2 connection, when connected to corporate network, when connected via vpn with proxy scanning skipped service.
Hi guys, I have a doubt regarding this question:
Which two statements about Hardware-Based encryption are true? (Choose two.)
A. It is potentially easier to compromise than software-based encryption.
B. It can be implemented without impacting performance.
C. It is widely accessible.
D. It is highly cost-effective
E. It requires minimal configuration
BD or BE
Thanks all. Stex
Please help me which new dumps I need to follow. I am about to take exam soon but the recent posts are making me worried.
DUMP TO PASS FOR SURE IS FAKE FAKE FAKE
DUMP TO PASS FOR SURE IS FAKE FAKE FAKE
@stex
For me correct is BE
Congratulations!
Passed the 210-260 exam recently!
Got 63 questions, including 5 Drag and Drops (DHCP and WSA…etc.), 1 SIM with 4 questions.
I mainly learned the PassLeader 210-260 dumps (537q version), all questions are available in PassLeader.
Really helpful.
P.S.
Part of PassLeader 210-260 dumps are available here FYI:
drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg
(537q~~~NEW VERSION DUMPS Updated Recently!!!)
Good luck, all!
[copy that link and open it in your web browser]
Is c0achGreece pdf still valid?
1. What type of malware spread and infects others: bot, trojan, virus, worm, backdoor. Choose 2 of 5.
2. What is OS of Cisco Esa?
3. Drag and drop new. Left side: protect, restrict, shutdown and shutdown vlan does. .
•protect—The PFC drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.
•restrict—The PFC drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the security violation counter to increment.
•shutdown—Puts the interface into the error-disabled state immediately and sends an SNMP trap notification
•shutdown vlan – last remaining option, but don’t remember.
4. What does IPS does when receive a package (?) to inspect. 2x to choose from a) Like will drop it, b) will send with no modification no matter what, etc
5. What are advantages of TACACS+ OVER radius? Three to choose. There are new to choose, but very simple if you know differences, like TACACS+ provide seperate AAA, is encrypted , etc.
6. Question about authentication 801.x methods. Asks about hash method and authentication type. I think it was 2x to choose.
7. When using Cisco cloud web protection, in what case proxy scanning is skipped. a) When connected by wired connection, b) when connected using wpa2 connection, c) when connected to corporate network, d) when connected via vpn with proxy scanning skipped service. One to choose.
8. What does command “secure boot-image32” does. Choose one of 4. a) Saves a secure ios to memory, b) boots router to secure ios and two more.
9. Something like what does STP PREVENTS: to choose there was something like: a) attacker creates root bridge, b) attacker modify something, c) other d) good answer
10. There was a question about dhcp command output and proper answer was ip dhcp snooping.
GOOD LUCK to everyone! This test retires in February. Try to take it ASAP.
Hi! Congratulations!
Passed the 210-260 exam recently!
Got 63 questions, including 5 Drag and Drops (DHCP and WSA…etc.), 1 SIM with 4 questions.
I mainly learned the PassLeader 210-260 dumps (537q version), all questions are available in PassLeader.
Really helpful.
P.S.
Part of PassLeader 210-260 dumps are available here FYI:
drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg
(537q~~~NEW VERSION DUMPS Updated Recently!!!)
Good luck, all!
[copy that link and open it in your web browser]
Part of PassLeader 210-260 IINS new questions (FYI):
[Get the download link at the end of this post]
NEW QUESTION 522
Which path do you follow to enable AAA through the SDM?
A. Configure > Tasks > AAA
B. Configure > Authentication > AAA
C. Configure > Additioonal Authentication > AAA
D. Configure > Additional Tasks > AAA
E. Configure > AAA
Answer: D
NEW QUESTION 523
What aims to remove the ability to deny an action?
A. Integrity
B. Deniability
C. Accountability
D. Non-Repudiation
Answer: D
NEW QUESTION 524
In which two models can the Cisco Web Security Appliance be deployed? (Choose two.)
A. as a transparent proxy using the Secure Sockets Layer Protocol
B. as a transparent proxy using the HyperText Transfer Protocol
C. explicit active mode
D. as a transparent proxy using the Web Cache Communication Protocol
E. explicit proxy mode
Answer: DE
NEW QUESTION 525
Which two statements about hardware-based encryption are true? (Choose two.)
A. It is potentially easier to compromise than software-based encryption.
B. It requires minimal configuration.
C. It can be implemented without impacting performance.
D. It is widely accessible.
E. It is highly cost-effective.
Answer: CE
NEW QUESTION 526
What is the main purpose of Control Plane Policing?
A. to prevent exhaustion of route-processor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
Answer: A
NEW QUESTION 527
What is the best definition of hairpinning?
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters and exits a device through the same interface
C. traffic that enters one interface on a device and that exits through another interface
D. traffic that tunnels through a device interface
Answer: B
NEW QUESTION 528
How can you mitigate DCE/RPC evasion techniques while allowing access to the DCE/RPC service?
A. Update the IPS signature for HTTPS to validate DCE/RPC connections.
B. Block suspicious hosts from DCE/RPC port 593.
C. Tunnel DCE/RPC traffic through GRE.
D. Configure the DCE/RPC preprocessor.
Answer: B
NEW QUESTION 529
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?
A. authPriv
B. authNoPriv
C. noAuthPriv
D. noAuthNoPriv
Answer: B
NEW QUESTION 530
Which type of firewall can perform deep packet inspection?
A. application firewall
B. stateless firewall
C. packet-filtering firewall
D. personal firewall
Answer: A
NEW QUESTION 531
Which type of mechanism does Cisco FirePOWER deploy to protect against email threats that are detected moving across other networks?
A. signature-based
B. reputation-based
C. antivirus scanning
D. policy-based
Answer: B
NEW QUESTION 532
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for business purposes. Which action can you take to retain the blacklist while allowing users to access the approved sites?
A. Create a whitelist and manually add the approved addresses.
B. Edit the dynamic blacklist to remove the approved addresses.
C. Disable the dynamic blacklist and deny the specific address on a whitelist while permitting the others.
D. Disable the dynamic blacklist and create a static blacklist in its place.
Answer: A
NEW QUESTION 533
Which command enables port security to use sticky MAC addresses on a switch?
A. switchport port-security mac-address sticky
B. switchport port-security
C. switchport port-security violation protect
D. switchport port-security violation restrict
Answer: A
NEW QUESTION 534
Which attack can be prevented by OSPF authentication?
A. smurf attack
B. IP spoofing attack
C. Denial of service attack
D. buffer overflow attack
Answer: B
NEW QUESTION 535
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?
A. CTA
B. AMP
C. DLP
D. DCA
Answer: C
NEW QUESTION 536
……
Download more NEW PassLeader 210-260 dumps from Google Drive here:
drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg
(537q~~~NEW VERSION DUMPS Updated Recently!!!)
Good luck, all!
[copy that link and open it in your web browser]
What is the answer for this question ? I had this question in the exam
How can you mitigate DCE/RPC evasion techniques while allowing access to the DCE/RPC service?
A. Update the IPS signature for HTTPS to validate DCE/RPC connections.
B. Block suspicious hosts from DCE/RPC port 593.
C. Tunnel DCE/RPC traffic through GRE.
D. Configure the DCE/RPC preprocessor.
Passed the exam today 961/1000.
– advantages of the on-premise MDM
– OS of Cisco ESA
– secure boot-image
– STP
– command about ip dhcp snooping error
Without 2 star***
https:/**/drive.google.com/open?id=1DtQvYi0Hzz29pDLX-F1T4qBYb_WquSt1
NEW QUESTION 532
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for business purposes. Which action can you take to retain the blacklist while allowing users to access the approved sites?
A. Create a whitelist and manually add the approved addresses.
B. Edit the dynaw2mic blacklist to remove the approved addresses.
C. Disable the dynamic blacklist and deny the specific address on a whitelist while permitting the others.
D. Disable the dynamic blacklist and create a static blacklist in its place.
Answer: A
So guys, it turns out that Coach Greece is not valid and we should use Passleader 537q the updated version?
George
Also, did someone else used coach greece , or mainly the passleader pdf 537 questions + the new ones from Michael Davis?
@Michael Davis,please could you tell us about the lab which you have in your exam.
@ EBS_CCNA_Securit. Thanks a lot for your help.
Another one, is the following:
When using Cisco cloud web protection, in what case proxy scanning is skipped.
a) When connected by wired connection,
b) when connected using wpa2 connection,
c) when connected to corporate network,
d) when connected via vpn with proxy scanning skipped service.
One to choose.
What about this?
@stex
i think is “D ” because when the proxy is skipped you use vpn with cisco annyconnect without proxy
What does IPS does when receive a package (?) to inspect. 2x to choose from a) Like will drop it, b) will send with no modification no matter what, etc
@ Anonymous @ Anonymous @ Anonymous
y mean IPS ??? a package you mean what ??
@MrTantuni
How can you mitigate DCE/RPC evasion techniques while allowing access to the DCE/RPC service?
A. Update the IPS signature for HTTPS to validate DCE/RPC connections.
B. Block suspicious hosts from DCE/RPC port 593.
C. Tunnel DCE/RPC traffic through GRE.
D. Configure the DCE/RPC preprocessor.
, i believe the answer is D
++++++++++++++++++
The DCE/RPC Preprocessor
…………….. The preprocessor analyzes DCE/RPC data streams and detects anomalous behavior and evasion techniques in DCE/RPC traffic. It also analyzes SMB data streams and detects anomalous SMB behavior and evasion techniques.
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/application_layer_preprocessors.html
++++++++++++++++++
Hi,I am preparing to take my exam. I’ve been reading anubis pdf for a month, is it still valid?
OSPF can be configured to authenticate every OSPF message. This is usually done to prevent a rogue router from injecting false routing information and therefore causing a Denial-of-Service attack .
NEW QUESTION 534
Which attack can be prevented by OSPF authentication?
A. smurf attack
B. IP spoofing attack
C. Denial of service attack
D. buffer overflow attack
Answer: c
Can somebody help me with this question
If the native VLAN on a trunk is different on each end of the link, what is a potential consequence?
A. The interface on both switches may shut down
B. STP loops may occur
C. The switch with the higher native VLAN may shut down
D. The interface with the lower native VLAN may shut down
i feel the answer might be A
but i see in dumps that the answer is B
I passed a few minutes ago with 92x/1000
Have some different question.
Have so much question about C0achGreece, but only C0achGreece Isn’t enough.
I had only 1 Drag and drop about STP.
1 Simulate equal C0achGreece
look at comment about “MyFakeName” for some new questions.
Thank you all.
Hello !
Passed the exam today 961/1000
– advantages of the on-premise MDM
– OS of Cisco ESA
– secure boot-image
– STP
– command about ip dhcp snooping error
s71.link/b/2C2d2GV
This link above is FAKE FAKE FAKE.
abd I’m nota writted this.
Hi EBS_CCNA_Security, congrats for passing the exam. Do you remember any of the new questions?
Can somebody help me with this question
If the native VLAN on a trunk is different on each end of the link, what is a potential consequence?
A. The interface on both switches may shut down
B. STP loops meway occur
C. The switch with the higher native VLAN may shut down
D. The interface with the lower native VLAN may shut down
i feel the answer might be A
but i see in dumps that the answer is B
1. how does the Cisco ASA use Active Directory to authorize VPN users?
A. It queries the Active Directory server for a Specfic attribute for the specific user
B. It sends the username and password to retire an ACCEPT or Reject message from the Active Directory server
C. It downloads and stores the Active Directory databas to query for future authorization
D. It redirects requests to the Active Directory server defined for the VPN group
2.Which three statements about host-based IPS are true? (Choose three)
A. It can view encrypted files —> IPS cannot see encr packets, right?
B. It can be deployed at the perimeter
C. It uses signature-based policies
D. It can have more restrictive policies than network-based IPS
E. It works with deployed firewalls
F. It can generate alerts based on behavior at the desktop level.
3.If a router configuration includes the lineaaa authentication login default group tacacs+ enable, which events will occur when the TACACS+ server returns an error? (Choose two.)
A. The user will be prompted to authenticate using the enable password
B. Authentication attempts to the router will be denied
C. Authentication will use the router`s local database
D. Authentication attempts will be sent to the TACACS+ server
4.Which of encryption technology has the broadcast platform support to protect operating systems?
A. Middleware
B. Hardware
C. software
D. file-level
5.Which technology can be used to rate data fidelity and to provide an authenticated hash for data?
A. Network blocking
B. signature updates
C. file analysis
D. file reputation
6.Your security team has discovered a malicious program that has been harvesting the CEO’s email messages and the company’s user database for the last 6 months. What type of attack did your team discover?
A. social activism
B. drive-by spyware
C. targeted malware
D. advance persistent threat
E. Polymorphic virus……………
2.Which three statements about host-based IPS are true? (Choose three)
A. It can view encrypted files —> IPS cannot see encr packets, right?
B. It can be deployed at the perimeter
C. It uses signature-based policies
D. It can have more restrictive policies than network-based IPS
E. It works with deployed firewalls
F. It can generate alerts based on behavior at the desktop level…………..
https://www.cnet.com/forums/discussions/win10-i-you-good-help-i-good-to-love-my-problem-love-my-problem/
Coachgreece’s google drive suddenly became inaccessible. Can anyone please confirm?
NEW QUESTION 530
Which type of firewall can perform deep packet inspection?
A. application firewall
B. stateless firewall
C. packet-filtering firewall
D. personal firewall
Answer: C
The five types of firewall are:
Packet filtering firewall
Circuit-level gateway
Stateful inspection firewall
Application-level gateway (aka proxy firewall)
Next-generation firewall (NGFW)
. how does the Cisco ASA use Active Directory to authorize VPN users?
A. It queries the Active Directory server for a Specfic attribute for the specific user
B. It sends the username and password to retire an ACCEPT or Reject message from the Active Directory server
C. It downloads and stores the Active Directory databas to query for future authorization
D. It redirects requests to the Active Directory server defined for the VPN group
ANSWER:A
2.Which three statements about host-based IPS are true? (Choose three)
A. It can view encrypted files —> IPS cannot see encr packets, right?
B. It can be deployed at the perimeter
C. It uses signature-based policies
D. It can have more restrictive policies than network-based IPS
E. It works with deployed firewalls
F. It can generate alerts based on behavior at the desktop level.
ANSWER:ADF
3.If a router configuration includes the lineaaa authentication login default group tacacs+ enable, which events will occur when the TACACS+ server returns an error? (Choose two.)
A. The user will be prompted to authenticate using the enable password
B. Authentication attempts to the router will be denied
C. Authentication will use the router`s local database
D. Authentication attempts will be sent to the TACACS+ server
ANSWER:AB
4.Which of encryption technology has the broadcast(broadest) platform support to protect operating systems?
A. Middleware
B. Hardware
C. software
D. file-level
ANSWER:C
5.Which technology can be used to rate data fidelity and to provide an authenticated hash for data?
A. Network blocking
B. signature updates
C. file analysis
D. file reputation
ANSWER: D
6.Your security team has discovered a malicious program that has been harvesting the CEO’s email messages and the company’s user database for the last 6 months. What type of attack did your team discover?
A. social activism
B. drive-by spyware
C. targeted malware
D. advance persistent threat
E. Polymorphic virus……………
ANSWER:DE
If the native VLAN on a trunk is different on each end of the link, what is a potential consequence?
A. The interface on both switches may shut down
B. STP loops meway occur
C. The switch with the higher native VLAN may shut down
D. The interface with the lower native VLAN may shut down
ANSWER: B
@dk2019
regarding this question:
6.Your security team has discovered a malicious program that has been harvesting the CEO’s email messages and the company’s user database for the last 6 months. What type of attack did your team discover?
A. social activism
B. drive-by spyware
C. targeted malware
D. advance persistent threat
E. Polymorphic virus……………
I THINK C,D should be correct
100% Valid dump are Available. Almost free
Aabinusalk at Gmail dot com
2.Which three statements about host-based IPS are true? (Choose three)
A. It can view encrypted files —> IPS cannot see encr packets, right?
B. It can be deployed at the perimeter
C. It uses signature-based policies
D. It can have more restrictive policies than network-based IPS
E. It works with deployed firewalls
F. It can generate alerts based on behavior at the desktop level…………..
ANSWER:ADF
Which type of firewall can perform deep packet inspection?
A. application firewall
B. stateless firewall
C. packet-filtering firewall
D. personal firewall
ANSWER: A
C is nit correct application level can do far deeper inspection than packet filering firewall.Packet filtering operates at layer 3 and 4 of OSI model making processing deciscion based on ip address,port or protocol.If malicious traffic passes through the allowed port i will not be detected is why is considered to be insecure firewall.I hope the explanation provide the required understanding.
Which attack can be prevented by OSPF authentication?
A. smurf attack
B. IP spoofing attack
C. Denial of service attack
D. buffer overflow attack
Answer: B
Which action does standard antivirus software perform as part of the file‐analysis process?
A. execute the file in a simulated environment to examine its behavior
B. examine the execution instructions in the file
C. flag the unexamined file as a potential threat
D. create a backup copy of the file
Answer: B
Which two statements about hardware-based encryption are true? (Choose two.)
A. It is potentially easier to compromise than software-based encryption.
B. It requires minimal configuration.
C. It can be implemented without impacting performance.
D. It is widely accessible.
E. It is highly cost-effective.
Answer: BE
You have just deployed SNMPv3 in your environment. Your manager asks you make sure that
your agents can only talk to the SNMP Manager.
What would you configure on your SNMP agents to satisfy this request?
A. Routing Filter with the SNMP managers in it applied outbound
B. A SNMP View containing the SNMP managers
C. A standard ACL containing the SNMP managers applied to the SNMMP configuration.
D. A SNMP Group containing the SNMP managers
Answer: C
What are two major considerations when choosing between a SPAN and a TAP when
implementing IPS? (Choose two.)
A. the amount of bandwidth available
B. the way in which dropped packets will be handled
C. the type of analysis the IPS will perform
D. whether RX and TX signals will use separate ports
E. the way in which media errors will be handled
Answer: BC
Which information can you display by executing the show crypto ipsec sa command?
A. proxy information for the connection between two peers
B. IPsec SAs established between two peers
C. recent changes to the IP address of a peer router
D. ISAKMP SAs that are established between two peers
Answer: B
What is the main purpose of Control Plane Policing?
A. to prevent exhaustion of route-processor resources.
B. to define traffic classes.
C. to organize the egress packet queues.
D. to maintain the policy map.
Answer: A
How can you prevent NAT rules from sending traffic to incorrect interfaces?
A. Configure twice NAT instead of object NAT.
B. Add the no-proxy-arp command to the nat line.
C. Assign the output interface in the NAT statement.
D. Use packet-tracer rules to reroute misrouted NAT entries.
Answer: C
Which attack can be prevented by OSPF authentication?
A. smurf attack
B. IP spoofing attack
C. Denial of service attack
D. buffer overflow attack
Answer: C is the correct answer.
Authentication is configured to prevent a rogue device from injecting routing information to a routing table hence causing denial of service.
Guys, Just cleared the exam
67 qstions
1 new D&D about STP
1 sim
Majority of the questions were from coachgreece and youki.
Couple of new ones, same as mentioned by @MyFakeName earlier
When using Cisco cloud web protection, in what case proxy scanning is skipped.
a) When connected by wired connection,
b) when connected using wpa2 connection,
c) when connected to corporate network,
d) when connected via vpn with proxy scanning skipped service.
One to choose.
Can someone please share Youki dumps
What was STP DD about? @wazzaa
What are two major considerations when choosing between a SPAN and a TAP when
implementing IPS? (Choose two.)
A. the amount of bandwidth available
B. the way in which dropped packets will be handled
C. the type of analysis the IPefwrS will perform
D. whether RX and TX signals will use separate ports
E. the way in which media errors will be handled
Answer: BC
When using Cisco cloud web protection, in what case proxy scanning is skipped.
a) When connected by wired connection,
b) when connected using wpa2 connection,
c) when connected to corporate network,
d) when connected via vpn with proxy scanning skipped service.
answer guys ????
When using Cisco cloud web protection, in what case proxy scanning is skipped.
a) When connected by wired connection,
b) when connected using wpa2 connection,
c) when connected to corporate network,
d) when connected via vpn with proxy scanning skipped service.
ANSWER: D
To exclude or include specific network traffic from cisco web security scanning use web security profile editor to configure exceptions. Categories of exceptions are host exceptions or host inclusions, proxy xceptions, static exceptions. In static exception ip addesses to be excluded are listed which also includes anyconnect(vpn).
100% Valid dump ais Available. Almost free
Aabinusalk at Gmail dot com
Anybody knows were to get valid dumps to practice?
What sims were in exam? The same as Coach Greece?
Google Drive for Couch Greece also not working?
When using Cisco cloud web protection, in what case proxy scanning is skipped.
a) When connected by wired connection,
b) when connected using wpa2 connection,
c) when connected to trusted corporate network,
d) when connected via vpn with proxy scanning skipped service.
CORRECT ANSWER: C , the previous response was incorrect.
You can configure the Secure Trusted Network Detection feature to identify endpoints that are on the corporate LAN. If this feature is enabled, any network traffic originating from the corporate LAN bypasses Cisco Cloud Web Security scanning proxies. The security of that traffic is managed by other methods and devices on the corporate LAN rather than by Cisco Cloud Web Security.
@wazaa: Yes the correct answer is Configure the DCE/RPC preprocessor
How can you mitigate DCE/RPC evasion techniques while allowing access to the DCE/RPC service?
A. Update the IPS signature for HTTPS to validate DCE/RPC connections.
B. Block suspicious hosts from DCE/RPC port 593.
C. Tunnel DCE/RPC traffic through GRE.
D. Configure the DCE/RPC preprocessor.
, i believe the answer is D
++++++++++++++++++
The DCE/RPC Preprocessor
Can someone share the latest dumps please?
fuafuark @ gmail . com
@ Legend can you please share the link for google drive for Coach Greece i cant find it
thanks
Is coach Greece still valid ?
Does PFC stand for Priority-based Flow Control?
advantage of on-permis MDM
The benefits of having an on-premise MDM solution include greater control over management of the BYOD solution, a
potentially higher degree of security, particularly with respect to intellectual property, and, depending on the
vertical in which the organization resides, an easier means of meeting certain regulatory complianc
I have the coachgreece vce and more pdfs i will share if someone host it.
Is coach Greece still valid ?
Yes – please share coachgreence and other pdfs