[Free] 2017(Apr) Ensurepass Passguide Cisco 400-251 Latest Dumps 11-20

Ensurepass
2017 April Cisco Official New Released 400-251 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/400-251.html

CCIE Security Written Exam v5.1

QUESTION 11

According to OWASP guidelines, what is the recommended method to prevent cross-site request forgery?

 

A.

Allow only POST requests.

B.

Mark all cookies as HTTP only.

C.

Use per-session challenge tokens in links within your web application.

D.

Always use the “secure” attribute for cookies.

E.

Require strong passwords.

 

Correct Answer: C

 

 

QUESTION 12

Which three of these are security properties that TLS v1.2 provides? (Choose three)

 

A.

Availability

B.

integrity

C.

non-repudiation

D.

authentication

E.

authorization

F.

confidentiality

 

Correct Answer: BDF

 

 

QUESTION 13

Refer to the exhibit. Which statement about this debug output is true?

 

clip_image002

 

A.

It was generated by a LAN controller when it responded to a join request from an access point

B.

It was generated by a LAN controller when it generated a join request to an access point

C.

It was g
enerated by an access point when it sent a join reply message to a LAN controller

D.

It was generated by an access point when it received a join request message from a LAN controller

 

Correct Answer: A

 

 

QUESTION 14

DRAG DROP

Drag each ISE probe on the left to the matching statement on the right.

 

clip_image003

 

Correct Answer:

clip_image004

 

 

QUESTION 15

Refer to the exhibit, what Is the effect of the given command sequence?

 

clip_image006

 

A.

The router telnet to the on port 2002

B.

The AP console port is shut down.

C.

A session is opened between the router console and the AP.

D.

The router telnet to the router on port 2002.

 

Correct Answer: C

 

 

QUESTION 16

Which two statements about IPsec in a NAT-enabled environment are true? (Choose two)

 

A.

The hashes of each peer’s IP address and port number are compared to determine whether NAT-T is required

B.

NAT-T is not supported when IPsec Phase 1 is set to Aggressive Mode

C.

The first two messages of IPsec Phase 2 are used to determine whether the remote host supports NAT-T

D.

NAT-T is not supported when IPsec Phase 1 is set to Main Mode

E.

IPsec packets are encapsulated in UDP 500 or UDP 10000 packets

F.

To prevent translations from expiring, NAT keepalive messages that include a payload are sent between the peers

 

Correct Answer: AD

 

 

QUESTION 17

Which statement about the Cisco Secure ACS Solution Engine TACACS+ AV pair is true?

 

A.

AV pairs are only required to be enabled on Cisco Secure ACS for successful implementation.

B.

The Cisco Secure ACS Solution Engine does not support accounting AV pairs.

C.

AV pairs are only string values.

D.

AV pairs are of two types: string and integer.

 

Correct Answer: C

 

 

QUESTION 18

Which statement about Sarbanes-Oxley (SOX) is true?

 

A.

SOX is an IEFT compliance procedure for computer systems security.

B.

SOX is a US law.

C.

SOX is an IEEE compliance procedure for IT management to produce audit reports.

D.

SOX is a private organization that provides best practices for financial institution computer systems.

E.

Section 404 of SOX is only related to IT compliance.

 

Correct Answer: B

 

 

QUESTION 19

Which Cisco ASA firewall mode supports ASDM one-time-password authentication using RSA SecurID?

 

A.

Network translation mode

B.

Single-context routed mode

C.

Multiple-context mode

D.

Transparent mode

 

Correct Answer: B

 

 

QUESTION 20

What protocol is responsible for issuing certificates?

 

A.

SCEP

B.

DTLS

C.

ESP

D.

AH

E.

GET

 

Correct Answer: A

100% Free Download!
—Download Free Dem
o:400-251 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 400-251 Full Exam PDF and VCE Q&As:315
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com