What configs are under crypto map? (Choose two)
A. set peer
B. set host
C. set transform-set
D. inerface
Correct Answer: AC


What is the only permitted operation for processing multicast traffic on zone-based firewalls?
A. Stateful inspection of multicast traffic is supported only for the self-zone.
B. Stateful inspection of multicast traffic is supported only between the self-zone and the internal zone.
C. Only control plane policing can protect the control plane against multicast traffic.
D. Stateful inspection of multicast traffic is supported only for the internal zone
Correct Answer: C
Stateful inspection of multicast traffic is NOT supported by Cisco Zone based firewalls OR Cisco Classic firewall.


Which port should (or would) be open if VPN NAT-T was enabled?
A. port 4500 outside interface
B. port 4500 in all interfaces where ipsec uses
C. port 500
D. port 500 outside interface
Correct Answer: B
NAT traversal: The encapsulation of IKE and ESP in UDP port 4500 enables these protocols to pass through a device
or firewall performing NAT. https://en.wikipedia.org/wiki/Internet_Key_Exchange


A. Remote peer was not able to encrypt the packet
Correct Answer: A

Refer to the exhibit. What type of firewall would use the given cofiguration line?lead4pass 210-260 exam question q5

A. a stateful firewall
B. a personal firewall
C. a proxy firewall
D. an application firewall
E. a stateless firewall
Correct Answer: A


Which command initializes a lawful intercept view?
A. username cisco1 view lawful-intercept password cisco
B. parser view cisco li-view
C. li-view cisco user cisco1 password cisco
D. parser view li-view inclusive
Correct Answer: C
Before you initialize a lawful intercept view, ensure that the privilege level is set to 15 via the privilege command.
enable view
configure terminal
li-view li-password user username password password
username lawful-intercept [name] [privilege privilege-level| view view-name] password password
parser view view-name
secret 5 encrypted-password
name new-name


Which option is a key security component of an MDM deployment?
A. using MS-CHAPv2 as the primary EAP method.
B. using self-signed certificates to validate the server.
C. using network-specific installer packages
D. using an application tunnel by default.
Correct Answer: B


What security feature allows a private IP address to access the Internet by translating it to a public address?
B. hairpinning
C. Trusted Network Detection
D. Certification Authority
Correct Answer: A


Which two statements describe DHCP spoofing attacks? (Choose Two.)
A. They can modify the flow of traffic in transit.
B. They can access most network devices.
C. They can physically modify the network gateway.
D. They are used to perform man-in-the-middle attacks.
E. They protect the identity of the attacker by masking the DHCP address.
F. They use ARP poisoning.
Correct Answer: AD
DHCP spoofing occurs when an attacker attempts to respond to DHCP requests and trying to list themselves (spoofs)
as the default gateway or DNS server, hence, initiating a man in the middle attack. With that, it is possible that they can
intercept traffic from users before forwarding to the real gateway or perform DoS by flooding the real DHCP server with
request to choke ip address resources. https://learningnetwork.cisco.com/thread/67229


Which two descriptions of TACACS+ are true? (Choose two.)
A. It uses TCP as its transport protocol.
B. It combines authentication and authorization.
C. Only the password is encrypted.
D. The TACACS+ header is unencrypted
E. It uses UDP as its transport protocol.
Correct Answer: AB


What configuration allows AnyConnect to authenticate automatically establish a VPN session when a user logs in to the
A. proxy
B. Trusted Network Detection
C. transparent mode
D. always-on
Correct Answer: D


You need to place these 7 options into HIPS and NIPS. Each section has 4 choices which means one out of these 7
options goes into both.
Select and Place:lead4pass 210-260 exam question q12

Correct Answer:

lead4pass 210-260 exam question q12-1


Which statement about college campus is true?
A. College campus has geographical position.
B. College campus Hasn`t got internet access.
C. College campus Has multiple subdomains.
Correct Answer: A

