Get Full Version of the Exam
http://www.EnsurePass.com/400-251.html
Question No.11
Which two statements about Cisco URL Filtering on Cisco IOS Software are true? (Choose two)
-
It supports Websense and N2H2 filtering at the same time,
-
It supports local URL lists and third-party URL filtering servers.
-
By default, it uses ports 80 and 22.
-
It supports HTTP and HTTPS traffic.
-
BY default, it allows all URLs when the connection to the filtering server is down.
-
It requires minimal CPU time.
Correct Answer: BF
Question No.12
Which statement about VRF-aware GDOI group members is true?
-
The GM cannot route control traffic through the same VRF as data traffic.
-
Multiple VRFs are used to separate control traffic and data traffic.
-
Registration traffic and rekey traffic must operate on different VRFs.
-
IPsec is used only to secure data traffic.
Correct Answer: B
Question No.13
Which statement about managing Cisco ISE Guest Services is true?
-
Only a Super Admin or System Admin can delete the default Sponsor portal.
-
Only ISE administrators from an external identify store can be members of a Sponsor group.
-
By default, an ISE administrator can manage only the guest accounts he or she created in the Sponsor portal.
-
ISE administrators can view and set a guest#39;s password to a custom value in the Sponsor portal.
-
ISE administrators can access the Sponsor portal only if they have valid Sponsor accounts.
-
ISE administrators can access the Sponsor portal only from the Guest Access menu.
Correct Answer: C
Question No.14
What is an example of a stream cipher?
-
RC4
-
RC5
-
DES
-
Blowfish
-
Correct Answer: A
Question No.15
Which two options are benefits of global ACLs? (Choose two)
-
They save memory because they work without being replicated on each interface.
-
They are more efficient because they are processed before interface access rules.
-
They are flexible because they match source and destination IP addresses for packets that arrive on any interface.
-
They only operate on logical interfaces.
-
They can be applied to multiple interfaces.
Correct Answer: AC
Question No.16
Refer to the exhibit. What is the maximum number of site-to-site VPNs allowed by this configuration?
A. |
10 |
B. |
unlimited |
C. |
5 |
D. |
0 |
E. |
1 |
F. |
15 |
Correct Answer: F
Question No.17
Which three statements about 802.1x multiauthentication mode are true? (Choose three.)
-
It is recommended for guest VLANs.
-
On non-802.1x devices, it can support only one authentication method on a single port.
-
Each multiauthentication port can support only one voice VLAN.
-
It is recommended for auth-fall VLANs.
-
It requires each connected client to authenticate individually.
-
It can be deployed in conjunction with MDA functionality on voice VLANs.
Correct Answer: CEF
Question No.18
Refer to the exhibit. Which two effects of this configuration are true? (Choose two.)
-
The BGP neighbor session between R1 and R2 re-establishes after 100 minutes.
-
A warning message is displayed on R2 after it receives 50 prefixes.
-
A warning message is displayed on R2 after it receives 100 prefixes from neighbor 1.1.1.1.
-
The BGP neighbor session between R1 and R2 re-establishes after 50 minutes.
-
The BGP neighbor session tears down after R1 receive 100 prefixes from neighbor 1.1.1.1.
-
The BGP neighbor session tears down after R1 receive 200 prefixes from neighbor 2.2.2.2.
Correct Answer: CF
Question No.19
Which three statements about WCCP are true? (Choose three.)
-
The minimum WCCP-Fast Timers messages interval is 500 ms
-
Is a specific capability is missing from the Capabilities Info component, the router is assumed to support the default capability
-
If the packet return method is missing from a packet return method advertisement, the web cache uses the Layer 2 rewrite method
-
The router must receive a valid receive ID before it negotiates capabilities
-
The assignment method supports GRE encapsulation for sending traffic
-
The web cache transmits its capabilities as soon as it receives a receive ID from router
Correct Answer: ACE
Explanation:
Web Cache Communication Protocol (WCCP) http://www.cisco.com/c/en/us/td/docs/security/asa/special/wccp/guide/asa-wccp.html
Question No.20
What are the two different modes in which private AMP cloud can be deployed ? (Choose two)
-
Air Gap Mode
-
External Mode
-
Internal Mode
-
Public Mode
-
Cloud Mode
-
Cloud Proxy Mode
Correct Answer: AF
Get Full Version of the Exam
400-251 Dumps
400-251 VCE and PDF