Characteristics of application layer firewall (probably…

Passed 210-260 exam today in the UK! some questions here are valid but answers are wrong…. also studied some free 210-260 practice tests online, collect questions then pick up some,a good study resource i got is: http://certforums.net/?s=210-260

questions in my test are the following, you can have a reference:

QUESTION
In what type of attack does an attacker virtually change a devices burned in address in an attempt to circumvent access lists and mask the device’s true identity?

A. gratuitous ARP
B. ARP poisoning
C. IP Spoofing
D. MAC Spoofing

Answer: D

QUESTION
How does a zone-based firewall implementation handle traffic between Interfaces in the same Zone?

A. traffic between interfaces in the same zone is blocked unless yoc configure the same-security permit command
B. Traffic between interfaces in the same zone is always blocked
C. Traffic between two interfaces in the same zone is allowed by default
D. Traffic between interfaces in the same zone is blocked unless you apply a service policy to the zone pair

Answer: C

QUESTION
An attacker installs a rogue switch that sends superior BPDUs on your network.
What is a possible result of this activity?

A. The switch could offer fake DHCP addresses.
B. The switch could become the root bridge.
C. The switch could be allowed to join the VTP domain
D. The switch could become a transparent bridge.

Answer: B

QUESTION
Which two next generation encrytption algorithms does Cisco recommend? (Choose two)

A. AES
B. 3DES
C. DES
D. MD5
E. DH-1024
F. SHA-384

Answer: AF

QUESTION
In which three cases does the ASA firewall permit inbound HTTP GET requests during normal operations? (Choose three).

A. when a matching TCP connection is found
B. when the firewall requires strict HTTP inspection
C. when the firewall receives a FIN packet
D. when matching ACL entries are configured
E. when the firewall requires HTTP inspection
F. when matching NAT entries are configured

Answer: ADF

QUESTION
Which two features do CoPP and CPPr use to protect the control plane? (Choose two)

A. QoS
B. traffic classification
C. access lists
D. policy maps
E. class maps
F. Cisco Express Forwarding

Answer: AB

QUESTION
What is an advantage of implementing a Trusted Platform Module for disk encryption?

A. It provides hardware authentication
B. It allows the hard disk to be transferred to another device without requiring re-encryption.dis
C. it supports a more complex encryption algorithm than other disk-encryption technologies.
D. it can protect against single poins of failure.

Answer: A

QUESTION
Refer to the exhibit. What is the effect of the given command sequence?

A. It configures IKE Phase 1
B. It configures a site-to-site VPN Tunnel
C. It configures a crypto policy with a key size of 14400
D. It configures IPSec Phase 2

Answer: A

QUESTION
A specific URL has been identified as containing malware. What action can you take to block users from accidentaly visiting the URL and becoming infected with malware?

A. Enable URL filtering on the perimeter firewall and add the URLs you want to allow to the routers local URL list
B. Enable URL filtering on the perimeter router and add the URLs you want to allow to the firewalls local URL list
C. Create a blacklist that contains the URL you want to block and activate the blacklist on the perimeter router.
D. Enable URL filtering on the perimeter router and add the URLs you want to block to the routers local URL list
E. Create a whitelist that contains the URls you want to allow and activate the whitelist on the perimeter router.

Answer: D

QUESTION
If you change the native VLAN on the port to an unused VLAN, what happens if an attacker attempts a double tagging attack?

A. The trunk port would go into an error-disable state.
B. A VLAN hopping attack would be successful
C. A VLAN hopping attack would be prevented
D. the attacked VLAN will be pruned

Answer: C