[Free] 2017(Apr) Ensurepass Passguide Cisco 400-251 Latest Dumps 21-30

Ensurepass
2017 April Cisco Official New Released 400-251 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/400-251.html

CCIE Security Written Exam v5.1

QUESTION 21

Which category to protocol mapping for NBAR is correct?

 

A.

Category:internet

Protocol:FTP,HTTP,TFTP

B.

Category:Network management

Protocol:ICMP,SNMP,SSH,telent

C.

Category:network mail services

Protocol:mapi,pop3,smtp

D.

Category:Enterprise applications

Protocal:citrixICA,PCAnywhere,SAP,IMAP

 

Correct Answer: A

 

 

QUESTION 22

You have discovered unwanted device with MAC address 001c.0f12.badd on port FastEthernet1/1 on VLAN 4. What command or command sequence can you enter on the switch to prevent the MAC address from passing traffic on VLAN 4?

 

A.

clip_image002

B.

clip_image004

C.

clip_image006

D.

clip_image008

E.

clip_image010

 

Correct Answer: D

 

QUESTION 23

Which two options are benefits of the Cisco ASA Identity Firewall? (Choose two)

 

A.

It can apply security policies on an individual user or user-group basis

B.

It can identify threats quickly based on their URLs

C.

It can operate completely independently of other services

D.

It decouples security policies from the network topology

E.

It supports an AD server module to verify identity data

 

Correct Answer: AD

 

 

QUESTION 24

What is an example of a WEP cracking attack ?

 

A.

SQL injection attack

B.

Caf?latte attack

C.

directory traversal attack

D.

Reflected XSS attack

 

Correct Answer: B

 

 

QUESTION 25

Which three options are methods of load-balancing data in an ASA cluster environment?(Choose three)

 

A.

HSRP

B.

spanned EtherChannel

C.

distance-vector routing

D.

PBR

E.

floating static routes

F.

ECMP

 

Correct Answer: BDF

 

 

QUESTION 26

What is the maximum pattern length supported by FPM searches within a packet?

 

A.

256 bytes

B.

128 bytes

C.

512 bytes

D.

1500 bytes

 

Correct Answer: A

 

 

QUESTION 27

Which two statements about role-based access control are true? (Choose two)

 

A.

Server profile administrators have read and write access to all system logs by default.

B.

If the same user name is used for a local user account and a remote user account, the roles defined in the remote user account override the local user account.

C.

A view is created on the Cisco IOS device to leverage role-based access controls.

D.

Network administrators have read and write access to all system logs by default.

E.

The user profile on an AAA server is configured with the roles that grant user privileges.

 

Correct Answer: DE

 

 

QUESTION 28

clip_image012

 

A.

Modify the tunnel keys to match on the hub and spoke

B.

Configure the ipnhrp cache non-authoritative command on the hub’s tunnel interface

C.

Modify the NHRP hold times to match on the hub and spoke

D.

Modify the NHRP network IDs to match on the hub and spoke

 

Correct Answer: A

 

 

QUESTION 29

Which three global correlation feature can be enabled from cisco IPD device manager (Cisco IDM)? (Choose three.)

 

A.

Network Reputation

B.

Global Data Interaction

C.

Signature Correlation

D.

Reputation Filtering

E.

Global Correlation Inspection

F.

Data Contribution

G.

Reputation Assignment

 

Correct Answer: CDE

 

 

QUESTION 30

According to RFC 4890, which three message must be dropped at the transit firewall/router? (Choose three.)

 

A.

Router Renumbering(Type 138)

B.

Node Information Query(Type 139)

C.

Router Solicitation(Type 133)

D.

Node information Response(Type

E.

Router Advertisement(Type 134)

F.

Neighbor Solicitaion(Type 135)

 

Correct Answer: ABD

10
0% Free Download!

—Download Free Demo:400-251 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 400-251 Full Exam PDF and VCE Q&As:315
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com