[Free] 2017(Apr) Ensurepass Passguide Cisco 400-251 Latest Dumps 141-150

Ensurepass
2017 April Cisco Official New Released 400-251 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/400-251.html

CCIE Security Written Exam v5.1

QUESTION 141

Which two characteristics of DTLS are true? (Choose two)

 

A.

It includes a congestion control mechanism

B.

It supports long data transfers and connections data transfers

C.

It completes key negotiation and bulk data transfer over a single channel

D.

It is used mostly by applications that use application layer object-security protocols

E.

It includes a retransmission method because it uses an unreliable datagram transport

F.

It cannot be used if NAT exists along the path

 

Correct Answer: AE

 

 

 

QUESTION 142

Refer to the exhibit, you executed the show crypto key mypubkeyrsa command to verify that the RSA key is protected and it generated the given output. What command must you have entered to protect the key?

 

clip_image001

 

A.

crypto key export rsa pki.cisco.com pern url flash: 3des CiscoPKI

B.

crypto key decrypt rsa name pki.cisco.com passphrase CiscoPKI

C.

crypto key import rsa pki.cisco.com pern url nvram: CiscoPKI

D.

crypto key zeroize rsa CiscoPKI

E.

crypto key lock rsa name pki.cisco.com passphrase CiscoPKI

 

Correct Answer: E

 

 

QUESTION 143

All of these Cisco security products provide event correlation capabilities excepts which one?

 

A.

Cisco Security MARS

B.

Cisco Guard/Detector

C.

Cisco ASA adaptive security appliance

D.

Cisco IPS

E.

Cisco Security Agent.

 

Correct Answer: C

 

 

QUESTION 144

Refer to the exhibit, which configuration prevents R2 from become a PIM neighbor with R1?

 

clip_image003

 

A.

Access-list 10 deny 192.168.1.2.0.0.0.0

!

Interface gi0/0

Ippim neighbor-filter 1

B.

Access-list 10 deny 192.168.1.2.0.0.0.0

!

Interface gi0/0

Ipigmp access-group 10

C.

Access-list 10 deny 192.168.1.2.0.0.0.0

!

Interface gi0/0

Ippimneighbour-filter 10

D.

Access-list 10 permit 192.168.1.2.0.0.0.0

!

Interface gi0/0

Ippim neighbor-filter 10

 

Correct Answer: D

 

 

QUESTION 145

Which two certificate enrollment methods can be completed without an RA and require no direct connection to a CA by the end entity? (Choose two.)

 

A.

SCEP

B.

TFTP

C.

manual cut and paste

D.

enrollment profile with direct HTTP

E.

PKCS#12 import/export

 

Correct Answer: CE

 

 

QUESTION 146

Which two statements about the MD5 Hash are true? (Choose two.)

 

A.

Length of the hash value varies with the length of the message that is being hashed.

B.

Every unique message has a unique hash value.

C.

Its mathematically possible to find a pair of message that yield the same hash value.

D.

MD5 always yields a different value for the same message if repeatedly hashed.

E.

The hash value cannot be used to discover the message.

 

Correct Answer: BE

 

 

QUESTION 147

Which three statement about VRF-Aware Cisco Firewall are true? (Choose three)

 

A.

It can run as more than one instance.

B.

It supports both global and per-VRF commands and DoS parameters.

C.

It can support VPN networks with overlapping address ranges without NAT.

D.

It enables service providers to implement firewalls on PE devices.

E.

It can generate syslog massages that are visible only to individual VPNs.

F.

It enables service providers to deploy firewalls on customer devices.

 

Correct Answer: ADEQUESTION 148

Refer to the exhibit. What is the meaning of the given error message?

 

A.

The PFS groups are mismatched.

B.

The pre-shared keys are mismatched.

C.

The mirrored crypto ACLs are mismatched.

D.

IKE is disabled on the remote peer.

 

Correct Answer: B

 

 

QUESTION 149

Which two value must you configure on the cisco ASA firewall to support FQDN ACL? (Choose two)

 

A.

A DNS server

B.

A Service policy

C.

An FQDN object

D.

A Class map

E.

A services object

F.

A policy map

 

Correct Answer: AC

 

 

QUESTION 150

Refer to the exhibit. Which effect of this configuration is true?

 

clip_image005

 

A.

Host_1 learns about R2 and only and prefers R2 as its default router

B.

Host_1 selects R2 as its default router and load balances between R2 and R3

C.

Host_1 learns about R2 and R3 only and prefers R3 as its default router

D.

Host_1 learns about R1,R2 and R3 and load balances between them

E.

Host_1 learns about R1, R2 and R3 and prefers R2 as its default router

 

Correct Answer: E

100% Free Download!
—Download Free Demo:400-251 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 400-251 Full Exam PDF and VCE Q&As:315
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com