[Free] 2017(Aug) EnsurePass Examcollection Cisco 400-251 Dumps with VCE and PDF 41-50

EnsurePass
2017 Aug Cisco Official New Released 400-251
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/400-251.html

CCIE Security Written Exam (v5.0)

Question No: 41 – (Topic 1)

Which statement about VRF-aware GDOI group members is true?

  1. IPsec is used only to secure data traffic.

  2. The GM cannot route control traffic through the same VRF as data traffic.

  3. Multiple VRFs are used to separate control traffic and data traffic.

  4. Registration traffic and rekey traffic must operate on different on different VRFs.

Answer: A

Question No: 42 – (Topic 1)

Which type of attack uses a large number of spoofed MAC addresses to emulate wireless clients?

  1. Chopchop attack.

  2. DoS against an accesspoint.

  3. Authentication-failure attack

  4. Airsnarf attack

  5. DoS against a client station

  6. Device-probing attack.

Answer: B

Question No: 43 – (Topic 1)

Which command is used to enable 802.1x authorizationon an interface?

  1. Authentication open

  2. Aaa authorization auth-proxy default.

  3. Authentication control-direction both.

  4. Aaa authorization network default group tacacs

  5. Authentication port-control auto

Answer: E

Question No: 44 – (Topic 1)

Refer to the exhibit,

image

What is the maximum number of site-to-site VPNs allowed by this configuration?

  1. 0

  2. 1

  3. 10

  4. 5

  5. 15

  6. Unlimited

Answer: E

Question No: 45 – (Topic 1)

Which two options are important considerations when you use netflow to obtain the full picture of network traffic?(Choose two)

  1. It monitors only TCP connections.

  2. It monitors only routed traffic.

  3. It monitors all traffic on the interface on which it is deployed.

  4. It monitors only ingress traffic on the interface on which it is deployed.

  5. It is unable to monitor over time.

Answer: B,E

Question No: 46 – (Topic 1)

Refer to the exhibit .

image

Which two effects of this configuration are true?(Choose two)

  1. When a user logs in to privileged EXEC mode, the router will track all user activity.

  2. It configures the router’s local database as the backup authentication method for all TTY console, and aux logins

  3. If a user attempts to log in as a level 15 user, the local database will be used for authentication and TACACS will be used used for authorization.

  4. Configuration commands on the router are authorized without checking the TACACS

    server.

  5. When a user attempts to authenticate on the device, the TACACS server will prompt the user to enter the username stored in the router’s database.

  6. Requests to establish a reverse AUX connection to the router will be authorize against the TACACS sever.

Answer: B,D

Question No: 47 – (Topic 1)

Which three types of addresses can be Botnet Traffic Filter feature of the Cisco ASA monitor?(Choosethree)

  1. Dynamic addresses.

  2. Known malware addresses

  3. Known allowed addresses

  4. Ambiguous addresses

  5. Internal addresses

  6. Listed addresses

Answer: B,C,D

Question No: 48 – (Topic 1)

Refer to exhibit.

image

For which type of user is this downloadable ACL appropriate?

  1. Management

  2. Employees

  3. Guest users

  4. Network administrators

  5. Onsite contractors.

Answer: C

Question No: 49 – (Topic 1)

Refer to the exhibit.

image

Which level of encryption is set by this configuration?

  1. 1024-bit

  2. 192-bit

  3. 56-bit

  4. 168-bit.

Answer: D

Question No: 50 – (Topic 1)

Which Cisco ISE profiler service probe can collect information about Cisco Discovery Protocol

  1. DHCP SPAN

  2. RADIUS

  3. SNMP Query

  4. NetFlow

  5. HTTP

  6. DHCP.

Answer: C

100% Free Download!
Download Free Demo:400-251 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass 400-251 Full Exam PDF and VCE
Get 10% off your purchase! Copy it:TJDN-947R-9CCD [2017.07.01-2017.07.31]

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com