[Free] 2017(Aug) EnsurePass Examcollection Cisco 400-251 Dumps with VCE and PDF 51-60

EnsurePass
2017 Aug Cisco Official New Released 400-251
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/400-251.html

CCIE Security Written Exam (v5.0)

Question No: 51 – (Topic 1)

Which two options are unicast address types for IPv6 addressing?(Choose two)

  1. Link-local.

  2. Established.

  3. Global

  4. Dynamic

  5. Static

Answer: A,C

Question No: 52 – (Topic 1)

Which two options are benefits of the Cisco ASA transparent firewall mode?(Choose two)

  1. It can establish routing adjacencies.

  2. It can perform dynamic routing.

  3. It can be added to an existing network without significant reconfiguration.

  4. It supports extended ACLs to allow Layer 3 traffic to pass from higher lower security interfaces.

  5. It provides SSL VPN support.

Answer: C,D

Question No: 53 – (Topic 1)

Which three statements about SXP are true?(Choose three)

  1. It resides in the control plane, where connections can be initiated from a listener.

  2. Packets can be tagged with SGTs only with hardware support.

  3. Each VRF supports only one CTS-SXP connection.

  4. To enable an access device to use IP device tracking to learn source device IP addresses,DHCP snooping must be configured.

  5. The SGA ZBPF uses the SGT to apply forwarding decisions.

  6. SeparateVRFs require different CTS-SXP peers, but they can use the same source IP addresses.

Answer: A,B,C

Question No: 54 – (Topic 1)

Which two statements about ping flood attacks are true?(Choose two)

  1. They attack by sending ping requests to the return address of the network.

  2. They use ICMP packets.

  3. They attack by sending ping requests to the return address of the network.

  4. The attack is intended to over whelm the CPU of the target victim.

  5. They use SYN packets.

Answer: B,D

Question No: 55 – (Topic 1)

Refer to the exhibit.

image

After you applied this Ether Channel configuration to a Cisco ASA, the Ether Channel failed to come up. Which reason for the problem is the most likely?

  1. The lacp system-priority and lacp port-priority values are the same.

  2. The Ether Chanel requires three ports, and only two are configured.

  3. The Ether Chanel is disabled.

  4. The channel group modes are mismatched

Answer: D

Question No: 56 – (Topic 1)

Which three VSA attributes are present in a RADIUS WLAN Access-Accept packet? (Choose Three)

  1. Tunnel-Private-Group-ID

  2. Tunnel-Type

  3. SSID

  4. EAP-Message

  5. LEAP Session-Key

  6. Authorization-Algorithm-Type

Answer: A,B,C

Question No: 57 – (Topic 1)

Refer to the exhibit,

image

What are two functionalities of this configuration?(Choose two)

  1. Traffic will not be able to pass on gigabit Ethernet 0/1.

  2. The ingress command is used for an IDS to send a reset onvlan 3 only.

  3. The source interface should always be a VLAN.

  4. The encapsulation command is used to deep scan on dotlq encapsulated traffic.

  5. Traffic will only be send to gigabit Ethernet 0/20

Answer: B,E

Question No: 58 – (Topic 1)

Which two statement about the Cisco Any Connect VPN Client are true?(Choose two)

  1. To improve security, keep alives are disabled by default.

  2. It can be configured to download automatically without prompting the user.

  3. It can use an SSL tunnel and a DTLS tunnel simultaneously.

  4. By default, DTLS connections can fall back to TLS.

  5. It enable users to manage their own profiles.

Answer: B,C

Question No: 59 – (Topic 1)

Which effect of theip nhrp map multicast dynamic command is true?

  1. It configures a hub router to automatically add spoke routers to multicast replication list of the hub.

  2. It enables a GRE tunnel to operate without the IPsec peer or crypto ACLs.

  3. It enables a GRE tunnel to dynamically update the routing tables on the devices at each end of the tunnel.

  4. It configures a hub router to reflect the routes it learns from a spoke back to other spoke back to other spokes through the same interface.

Answer: A

Question No: 60 – (Topic 1)

Which two characteristics of DTLS are true? (Choose two)

  1. It includes a congestion control mechanism

  2. It supports long data transfers and connections data transfers

  3. It completes key negotiation and bulk data transfer over a single channel

  4. It is used mostly by applications that use application layer object-security protocols

  5. It includes a retransmission method because it uses an unreliable datagram transport

  6. It cannot be used if NAT exists along the path

Answer: A,E

100% Free Download!
Download Free Demo:400-251 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass 400-251 Full Exam PDF and VCE
Get 10% off your purchase! Copy it:TJDN-947R-9CCD [2017.07.01-2017.07.31]

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com