Share your CCNA Security Experience
November 5th, 2015
Go to comments
Please share with us your experience after taking the CCNA Security 210-260 exam, your materials, the way you learned, your recommendations…
Please share with us your experience after taking the CCNA Security 210-260 exam, your materials, the way you learned, your recommendations…
Become a member to practice all the questions on our site!
@no_mans_lands please share
I am going to re-take the exam tomorrow. I have failed for the first time.
@MrTantuni, Goodluck
Let us know the outcome of your exam!
coachgreece link does not work for me; 404 error. anyone have the files?
What are two major considerations when choosing between a SPAN and a TAP when
implementing IPS? (Choose two.)
A. the amount of bandwidth available
B. the way in which dropped packets will be handled
C. the type of analysis the IPS will perform
D. whether RX and TX signals will use separate ports
E. the way in which media errors will be handled
Answer: A and C (sure )
When deciding whether to use a TAP or SPAN the two primary factors that will affect your decision are the type of analysis and amount of bandwidth.
https://****observer.viavisolutions.com/includes/popups/taps/tap-vs-span.php
MyfakeName,
Or anyone else…
Could you please advise what were your answers to the below questions:
4. What does IPS does when receive a package (?) to inspect. 2x to choose from a) Like will drop it, b) will send with no modification no matter what, etc
5. What are advantages of TACACS+ OVER radius? Three to choose. There are new to choose, but very simple if you know differences, like TACACS+ provide seperate AAA, is encrypted , etc.
6. Question about authentication 801.x methods. Asks about hash method and authentication type. I think it was 2x to choose.
7. When using Cisco cloud web protection, in what case proxy scanning is skipped. a) When connected by wired connection, b) when connected using wpa2 connection, c) when connected to corporate network, d) when connected via vpn with proxy scanning skipped service. One to choose.
8. What does command “secure boot-image” does. Choose one of 4. a) Saves a secure ios to memory, b) boots router to secure ios and two more.
9. Something like what does STP PREVENTS: to choose there was something like: a) attacker creates root bridge, b) attacker modify something, c) other d) good answer
10. There was a question about dhcp command output and proper answer was ip dhcp snooping.
https://****www.***mediafire.****com/folder/l6v353zta3jo9/CCNA%20%20*****Security%20210-260%20IINS#myfiles**** remove all *
youki and anubis posted in the link above will upload coachgreece
http://*****www.****filedropper.******com/******c0achgreece31-august-2019*****
@MrTantuni Goodluck please let us know the outcome
I passed today exam :)
around 15 new questions. Focus on MyfakeName comments and study cisco material.
misou 12 IS FAKE FAKE FAKE FAKE
misou 12 IS FAKE FAKE FAKE FAKE
@misou 12 IS FAKE FAKE FAKE FAKE
is not fake why fake you ?????********** it’s true
_baq_123
Can you please let us know if you got the same questions as MyFakeName? Can you remember the question for the 802.1 authentication and what are the correct answers?
Thanks!
1. Which 802.1x component enforces the network access policy?
a. RADIUS Server
b. Authentication server
c. Supplicant
d. Authenticator
ANSWER: D
2. In a cisco cloud web security environment, when can network traffic bypass the scanning proxies?
a. When the client is connected to a VPN service that bypasses proxies
b. When the client is connected to a WPA2 Enterprise network
c. When the client is connected to a wired network
d. When the client is on trusted corporate network
ANSWER: D
3. On which operating system does the Cisco Email Security Appliance run?
a. Cisco IOS XR
b. Cisco IOS XE
c. Cisco AsyncOS
d. Cisco NX-OS
e. Cisco ESA-OS
ANSWER: C
Guys!!!!!!
I passed it this time. My score was 921!
I followed / studied 31 before CCNA security C0achGreece, Alex’s comments and MyfakeName comments.
There was a question about privileged exec mode default value range… I answered 0-15
let me know who needs the dumps i studied with. I can send it before i delete them :)
I wish we could this community ads free. I wish luck to everyone
Thank you all.
2. In a cisco cloud web security environment, when can network traffic bypass the scanning proxies?
a. When the client is connected to a VPN service that bypasses proxies
b. When the client is connected to a WPA2 Enterprise network
c. When the client is connected to a wired network
d. When the client is on trusted corporate network
ANSWER: D
3. On which operating system does the Cisco Email Security Appliance run?
a. Cisco IOS XR
b. Cisco IOS XE
c. Cisco AsynacOS
d. Cisco NX-OS
e. Cisco ESA-OS
ANSWER: C
MrTantuni, congrats!
Please send what you used to study with
Anyone who is interested in dump
100% Valid dump are Available. Almost free
Aabinusalk at Gmail dot com
Hi Mr. Tantuni, Bros congrats in the first place ooo … can u fi please send me what u studied ..
afrodesire at yahoo . de
MrTantuni Congratulations.
Please if you can be able to help me with the dumps you studied with I will be much appreciate
Thanks so much
ameenumuh @ gmail dot com
Congratulations MrTantuni.
could you please share your materials?
did you remember the new questions?
tzarayass @ gmail dot com
thank you!
MrTantuni….Congrats. Can you send me your dumps. Please Sir!! I would appreciate it very much.
dano.frost7 at gmail
Congratulations MrTantuni!
Would you be able to please send me what you have at jsmithson364 @ yandex .com
Did mrtantuni send the dumps to any one here?
If so are they good and can someone post them here?
5.You are configuring a site-to-site tunnel between two cisco routers by using IPsec. Which option do you set to specify the peer to which you want to connect?
a. IP address by using a crypto map
b. IP address of tunnel destination
c. Tunnel group that has a peer P address
d. IP address as part of the ISAKMP configuration
ANSWER: A
6.Which statement about TACACS+ is true
a. TACACS+ is used for user access to network resources more than administrative access to network devices
b.All data that is transmitted between the client and TACACS+ Server Is cleartext
c. TACACS+ server listens UDP port 1813 for accounting
d. TACACS+ is more flexible than RADIUS because it separates all AAA into individual process
e. Password are transmitted between the client and server using MD5 hashing
ANSWER: D
7. You are configuring an IPS that must be able to react to potential attack. Which deployment method do you use?
a. Passive deployment that uses failsafe
b. Passive deployment that uses tap mode
c. Inline deployment that uses a SPAN
d. Transparent Inline Mode
ANSWER: D
8. Which effect of the secure boot-image command is true?
a. It configures the device to bot to secure IOS image
b. It displays the status of the bootset
c. It archives a secure copy of the IOS image
d. It archives a secure copy of the device configuration
ANSWER: C
9. Drag and Drop
• Shutdown – The interface is error-disabled
• Shutdown Vlan – The virtual layer 2 segment is disabled
• Restrict – When the number of secure MAC address on the port reaches a specified maximum limit, the port drops packet and sends an SNMP trap
• Protect – When the number of secure MAC addresses on the port reaches a special maximum, the port drops packets without notification.
10. Refer to the exhibit. Your notice the error message in the syslog. Which command do you enter on the switch to gather more information?
%SW_DAI-4-DHCP_SNOOPING _DENY: 2 invalid ARPs (Res) on Fa0/10, Vlan 200
a. Show ip dhcp snooping binding
b. Show mac address-table
c. Show ip arp
d. Show ip source binding
ANSWER: A
11. Which two statement about STP attacks are true?(choose two)
a. The attacker sets up a rogue DHCP server to intercept requests
b. They can be performed only when Cisco Discovery protocol Is running
c. Then can mitigate by disabling STP
d. They can create the opportunity for subsequent man-in-the middle attacks
e. The attacker sends BPDU messages to become the root bridge
f. They can be executed only from a hub
ANSWER: DE
Passsed my exam score with 9xx
Took it in miami on Tuesday
I am now off the ccie
61 Questions, 1x LAB with 4 parts and 4x DRAG AND DROPS.
I saw about dozen new questions
many were just re written with different numbers/IP
so new ones that were not seen here,
I agree with Learn by learning beware the pass4sure package is very buggy and way too many wrong answers. the best methods used are my your own word file from all the fixed , corrected Q&A and the very useful UDEMAY video set is a very worthy cheap buy
THANK you Very much to REAL posters and RED-DOT for the word file idea.
I wish him best luck were ever you are now
my too pass
used
UDEMAY video set
RED-DOT word file idea.
updates from this here set
bueno my firends
off to CCDP now
beware that
Full Authentic Dumps
is a regular fake spammer
@MrTantuni Congratz! can you share your study material? I’m about to take my exam next week can you send it to unhappyaj0 @ gmail .com
Thanks!
s71.link/b/328bTYA————FAKE FAKE
s71.link/b/328bTYA————FAKE FAKE
1. Which 802.1x component enforces the network access policy?
a. RADIUS Server
b. Authentication server
c. Supplicant
d. Authenticator
ANSWER: D
2. In a cisco cloud web security environment, when can network traffic bypass the scanning proxies?
a. When the client is connected to a VPN service that bypasses proxies
b. When the client is connected to a WPA2 Enterprise network
c. When the client is connected to a wired network
d. When the client is on trusted corporate network
ANSWER: D
3. On which operating system does the Cisco Email Security Appliance run?
a. Cisco IOS XR
b. Cisco deXE
c. Cisco AsyncOS
d. Cisco NX-OS
e. Cisco ESA-OS
ANSWER: C
5.You are configuring a site-to-site tunnel between two cisco routers by using IPsec. Which option do you set to specify the peer to which you want to connect?
a. IP address by using a crypto map
b. IP address of tunnel destination
c. Tunnel group that has a peer P address
d. IP address as part of the ISAKMP configuration
ANSWER: A
6.Which statement about TACACS+ is true
a. TACACS+ is used for user access to network resources more than administrative access to network devices
b.All data that is transmitted between the client and TACACS+ Server Is cleartext
c. TACACS+ server listens UDP port 1813 for accounting
d. TACACS+ is more flexible than RADIUS because it separates all AAA into individual process
e. Password are transmitted between the client and server using MD5 hashing
ANSWER: D
7. You are configuring an IPS that must be able to react to potential attack. Which deployment method do you use?
a. Passive deployment that uses failsafe
b. Passive deployment that uses tap mode
c. Inline deployment that uses a SPAN
d. Transparent Inline Mode
ANSWER: D
8. Which effect of the secure boot-image command is true?
a. It configures the device to bot to secure IOS image
b. It displays the status of the bootset
c. It archives a securebjkcopy of the IOS image
d. It archives a secure copy of the device configuration
ANSWER: C
OSPF can be configured to authenticate every OSPF message. This is usually done to prevent a rogue router from injecting false routing information and therefore causing a Denial-of-Service attack .
NEW QUESTION 534
Which attack can be prevented by OSPF authentication?
A. smurf attack
B. IP spoofing attack
C. Denial ofqw service attack
D. buffer overflow attack
Answer: c
Can anyone share the STP drag and drop?
thanks!
Hi Mr.Tantuni may you send me the material to miccix___@___yahoo____com, please! Thanks a lot and my compliments for your passed exam!
Hay all of you
Anyone who is interested in dump
100% Valid dump are Available. Almost free
Aabinusalk at Gmail dot com
Pass – 945 Scores.
Use Youki Dumps. It still valid. Plus see question above in forum.
Passed the exam today 931/1000 ….. COachgreece, STP drag and drop… All questions by Fake name … All the best guys,,,
SSP, or someone else.
Can you please share STP drag and drop?
Thanks.
@MrTantuni tebrik ediyorum, sana zahmet banada gönderir misin ? info @ biseyvar . com
I have passed the exam 9xx/1000
All the question from Coachgreece, Alex comments as well as 10 to 12 new question mentioned by dk2019.
67 question, 1 D&D 1 Lab scenario
Are the Coachgreece PDF questions the saem as in the Coachgreece VCE file?
Where can I find the Coachgreece PDF??
Are the Coachgreece PDF questions the same as the questions in the Coachgreece VCE file?
Where can the Coachgreece PDF be accessed??
@ SSP may you send me the STP drug and drop? please. {email not allowed}
no_mans_land or someone that knows,
There have been several references to a Coachgreece VCE file and Coachgreece PDF file.
Are the questions in the Coachgreece VCE file the same as the questions in the Coachgreece PDF??
Could you please post D&D for STP question?
Which information can you display by executing the show crypto ipsec sa command?
A. proxy information for the connection between two peers
B. IPsec SAs established between two peers
C. recent changes to the IP address of a peer router
D. ISAKMP SAs that are established between two peers
Answer: C
The correct answer is B.
anyone passed???
please help.
thanks a lot.
thanks all!
Hi! Congratulations!
Passed the 210-260 exam recently!
67 questions
1 new D&D about STP
1 sim
I mainly learned the PassLeader 210-260 dumps (537q version), all questions are available in PassLeader.
Really helpful.
P.S.
Part of PassLeader 210-260 dumps are available here FYI:
drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg
(537q~~~NEW VERSION DUMPS Updated Recently!!!)
Good luck, all!
[copy that link and open it in your web browser]
Part of PassLeader 210-260 IINS new questions (FYI):
[Get the download link at the end of this post]
NEW QUESTION 522
Which path do you follow to enable AAA through the SDM?
A. Configure > Tasks > AAA
B. Configure > Authentication > AAA
C. Configure > Additioonal Authentication > AAA
D. Configure > Additional Tasks > AAA
E. Configure > AAA
Answer: D
NEW QUESTION 523
What aims to remove the ability to deny an action?
A. Integrity
B. Deniability
C. Accountability
D. Non-Repudiation
Answer: D
NEW QUESTION 524
In which two models can the Cisco Web Security Appliance be deployed? (Choose two.)
A. as a transparent proxy using the Secure Sockets Layer Protocol
B. as a transparent proxy using the HyperText Transfer Protocol
C. explicit active mode
D. as a transparent proxy using the Web Cache Communication Protocol
E. explicit proxy mode
Answer: DE
NEW QUESTION 525
Which two statements about hardware-based encryption are true? (Choose two.)
A. It is potentially easier to compromise than software-based encryption.
B. It requires minimal configuration.
C. It can be implemented without impacting performance.
D. It is widely accessible.
E. It is highly cost-effective.
Answer: CE
NEW QUESTION 526
What is the main purpose of Control Plane Policing?
A. to prevent exhaustion of route-processor resources
B. to organize the egress packet queues
C. to define traffic classes
D. to maintain the policy map
Answer: A
NEW QUESTION 527
What is the best definition of hairpinning?
A. ingress traffic that traverses the outbound interface on a device
B. traffic that enters and exits a device through the same interface
C. traffic that enters one interface on a device and that exits through another interface
D. traffic that tunnels through a device interface
Answer: B
NEW QUESTION 528
How can you mitigate DCE/RPC evasion techniques while allowing access to the DCE/RPC service?
A. Update the IPS signature for HTTPS to validate DCE/RPC connections.
B. Block suspicious hosts from DCE/RPC port 593.
C. Tunnel DCE/RPC traffic through GRE.
D. Configure the DCE/RPC preprocessor.
Answer: B
NEW QUESTION 529
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?
A. authPriv
B. authNoPriv
C. noAuthPriv
D. noAuthNoPriv
Answer: B
NEW QUESTION 530
Which type of firewall can perform deep packet inspection?
A. application firewall
B. stateless firewall
C. packet-filtering firewall
D. personal firewall
Answer: A
NEW QUESTION 531
Which type of mechanism does Cisco FirePOWER deploy to protect against email threats that are detected moving across other networks?
A. signature-based
B. reputation-based
C. antivirus scanning
D. policy-based
Answer: B
NEW QUESTION 532
You have implemented a dynamic blacklist, using security intelligence to block illicit network activity. However, the blacklist contains several approved connections that users must access for business purposes. Which action can you take to retain the blacklist while allowing users to access the approved sites?
A. Create a whitelist and manually add the approved addresses.
B. Edit the dynamic blacklist to remove the approved addresses.
C. Disable the dynamic blacklist and deny the specific address on a whitelist while permitting the others.
D. Disable the dynamic blacklist and create a static blacklist in its place.
Answer: A
NEW QUESTION 533
Which command enables port security to use sticky MAC addresses on a switch?
A. switchport port-security mac-address sticky
B. switchport port-security
C. switchport port-security violation protect
D. switchport port-security violation restrict
Answer: A
NEW QUESTION 534
Which attack can be prevented by OSPF authentication?
A. smurf attack
B. IP spoofing attack
C. Denial of service attack
D. buffer overflow attack
Answer: B
NEW QUESTION 535
Which mitigation technology for web-based threats prevents the removal of confidential data from the network?
A. CTA
B. AMP
C. DLP
D. DCA
Answer: C
NEW QUESTION 536
……
Download more NEW PassLeader 210-260 dumps from Google Drive here:
drive.google.com/drive/folders/0B-ob6L_QjGLpM1dfWVNVZ3Z5dzg
(537q~~~NEW VERSION DUMPS Updated Recently!!!)
Good luck, all!
[copy that link and open it in your web browser]
Q34 What is the maximum number of methods that a single method list can contain?
A. 4
B. 3
C. 2
D. 5
Answer: A
The correct answer is D.
Q34 What is the maximum number of methods that a single method list can contain?
Answer: aaa type {default | list-name} method1 [method-2 method-3 method-4]
Correct Answer is A
NEW QUESTION 529
Which SNMPv3 security level provides authentication using HMAC with MD5, but does not use encryption?
A. authPriv
B. authNoPriv
C. noAuthPrsqiv
D. noAuthNoPriv
Answer: B
I have passed the exam 937/1000 today, 67 q’s , 1 d&d and 1 lab
All the question from Coachgreece & new question by dk2019.
Got a few new q’s also today which i cant remember .
Me – congrats!
Do you know what your new questions were (atleast topics)??
D&D found on the exam the right one?
Shutdown – The interface is error-disabled
Shutdown Vlan – The virtual layer 2 segment is disabled
Restrict – When the number of secure MAC address on the port reaches a specified maximum limit, the port drops packet and sends an SNMP trap
Protect – When the number of secure MAC addresses on the port reaches a special maximum, the port drops packets without notification.
Passed 92x/1000 last October 31, 2019. Special thanks to c0achgreece, anubis, zimmer, youki and cisco.pass4sure.210-260.v2019-10-28.by.daisy.201q.ete
Give me your email so i can send you if you need copy of the reviewers. I’m sharing them for free :)
There’s a question about EAP.
Not exactly but the question is like this:
Which component is responsible for network access policy?
a. RADIUS server
b. authentication server
c. authenticator
d. supplicant
I am not sure of the answer but I answered d. supplicant.
1 D&D – read PPP’s comment
Shutdown
Shutdown Vlan
Restrict
Protect
1 Sim from c0achgreece or Anubis
Great tisya! Next week i’ll have the exam.
May you send me the reviewers to
miccix at yahoo dot it
Thanks a lot
@tisya please help ma to pass the exam,my mail is {email not allowed}
@tisya Thanks
Tomorrow I will go to take the exam.
Regarding this question:
Which component is responsible for network access policy?
a. RADIUS server
b. authentication server
c. authenticator
d. supplicant
I Think the correct answer is B, Authentication Server.
Authentication Server: A server that validates the credentials sent by the supplicant and determines what level of network access the end user or device should receive. Not only RADIUS is an authentication server.
Goodluck PPP!
@Mountainpig, resend your email, just the way stex did it.
@stex I already sent the materials.
Good luck!
Tisya, check if you sent it to the correct email, please. I haven’t received it yet. Thanks
Hi Tisya,
Please help me with the dumps.
Thanks so much
ameenumuh @ Gmail dot com
Tissa
Please share cisco.pass4sure.210-260.v2019-10-28.by.daisy.201q.ete via google drive
Hi Tisya,
Please help me to pass the exam
Thanks very much
terry55220 @ Gmail dot com
please share a latest dump my email {email not allowed}..
rbltesfaye328 @ gmail .com
rbltesfaye328 @ gmail .com please share latest dump my email is delete a white space and help me
fuafuark @ gmail . com
Please share the latest dumps. Thanks in advance?
Hi Risa please share the latest dump. Thanks.
ganjar . pratowo @ gmail . com
Today can you please share dump with me @ Jonathanriberts at mail dot com
Many thanks
Hi Tisya,
Please help me with the dumps.
Thanks so much
warlizard3 @ gmail .com
@Tisya can you please share dump with me @ Jonathanriberts at mail dot com
Thank you
Please send the material for
pkg dot go dot pokemon @ gmail dot com
Thanks in advance.
Congrats Tisya!
I would very much appreciate it, if you could please mail me a copy of your materials.
digitalpunk01 @ yahoo.com
A million thanks in advance.
Cheers
Awesome Tisya!!
I’d greatly appreciate if you could please mail me a copy of your materials as well.
nastynational87 at gmail dot it
Thanks so much!!
Thanks a lot!
@Tissa
If you are not a liar then share the link. If you are a liar when faq off you stenchy shit.
Sent to this email:
ameenumuh-at-gmail-dot-com
terry55220-at-gmail-dot-com
fuafuark-at-gmail-dot-com
ganjar-dot-pratowo-at-gmail-dot-com
Jonathanriberts-at-mail-dot-com
nastynational87-at-gmail-dot-it
digitalpunk01-at-yahoo-dot-com
warlizard3-at-gmail-dot-com
rbltesfaye328-at-gmail-dot-com
Goodluck guys!
Let me know if you pass and share new questions here for others! :)
Tisya
Can you share daisy link here?
Tisya,
Would you mind sending me those dumps as well. PLEASE PLEASE PLEASE!!!!
dano . frost7 at gmail.com
@Tisya
Can you share your study material to this email: unhappyaj0 @ gmail.com
Hi Tisya,
Sorry I made a typo, it should be:
nastynational87-at-gmail-dot-com
not dot -“it”
Thank you so much again!
@tisya i will share my grade, thanks you
1 new q , please read this topic .. advantages of the on-premise MDM
@tisya could you share the Dump to me? qq653912 at gmail dot com
Hi Tisya,
Can you please mail me a copy of your materials again to the following email?
nastynational87-at-gmail-dot-com
I gave the wrong address the first time. There was a typo.
Thank you
Focus on Coachgreece & new question by dk2019.
does any one have a program to open up the .ete file sent be TISYA ( thank you by the way , much appreciated )
@ME
where is new question by Dk2019 ???
thank you tisya
@Tisys could you share with your materials?
Tzarayass @ Gmail com
Thanks
I passed with 948/1000
67 q’s , 1 d&d and 1 lab
question from Coachgreece & new question by dk2019 and Alex comments
I found 5 new exams that I have never seen. Questions about
Questions about The table is on the ASA.
I answer is NAT Table
Questions about privilege exec level
I answer is 0-15
Questions about IKE and VPN
I answer is Authorization
Questions about action stateful firewall
I answer is DROP
1 more I can’t remember.
Thanks, Good luck, all!