Get Full Version of the Exam
http://www.EnsurePass.com/400-251.html
Question No.121
Which two statements about the Cisco FireAMP solution are true? (Choose two.)
-
It can perform dynamic analysis in the Fire AMP Private Cloud.
-
The FireAMP Connector can detect malware in network traffic and when files are downloaded.
-
The FireAMP Private Cloud provides an on-premises option for file disposition lookups and retrospect generation.
-
The FireAMP Connector is compatible with antivirus software on the endpoint, but you must configure exclusion to prevent the Connector form scanning the antivirus directory.
-
The FireAMP Connector can provide information about potentially malicious network connections.
-
The FireAMP Private cloud can act as an anonymized proxy to transport endpoint event data to the public cloud for disposition lookups.e
-
When a FireAMP Connector detects malware in network traffic, it generates a malware event and a event.
Correct Answer: AC
Question No.122
Which option is a benefit of VRF Selection Using Policy-Based Routing for routing for packets to different VPNs?
-
It suppprts more than one VPN per interface
-
It allows bidirectional traffic flow between the service provider and the CEs
-
It automatically enables fast switching on all directly connected interfaces
-
It can use global routing tables to forward packets if the destination address matches the VRF configure on the interface
-
Every PE router in the service provider MPLS cloud can reach every customer network
-
It inreases the router performance when longer subnet masks are in use
Correct Answer: D
Question No.123
Which two statements about Cisco AMP for Web Security are true? (Choose two)
-
It can detect and block malware and other anomalous traffic before it passes through the Web gateway.
-
It can identify anomalous traffic passing through the Web gateway by comparing it to an established baseline of expected activity
-
It can perform file analysis by sandboxing known malware and comparing unknown files to a local repository of threats
-
It continues monitoring files after they pass the Web gateway
-
It can prevent malicious data exfiltration by blocking critical files from exiting through the Web gateway
-
It can perform reputation-based evaluation and blocking by uploading of incoming files to a cloud- based threat intelligence network
Correct Answer: DF
Question No.124
Your customer wants to implement Cisco Firepower IPS and 1 secure policy. However, a monitoring period of 2 weeks is applied against real traffic without causing an outage before going in to fu of the default policies as a base and set the policy action to ensure. Which two policies to achieve these requirements are true?
-
Set IPs policy to trust
-
Set IPs policy to Monitor
-
Base the IPS policy on the default Advanced Security over Connection
-
Base the IPS policy on the default Balanced Security and Connection
-
Base the IPS policy on the default Connectivity over Security
-
Base the IPS policy on the default Security over Connectivity
-
Set IPS Policy to No Drop
Correct Answer: BD
Question No.125
Refer to the exhibit. Which statement about router R1 is true?
-
Its NVRAM contains public and private crypto keys
-
RMON is configured
-
Its private-config is corrupt
-
Its startup configuration is missing
-
It running configuration is missing
Correct Answer: A
Explanation:
https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/50282- ios-caios.html
Question No.126
Which two statements about DTLS are true? (Choose two.)
-
If DPD is enabled.DTLS can fall back to a TLS connection.
-
It is disabled by default if you enable SSL VPN on the interface.
-
It uses two simultaneous IPSec tunnels to carry traffic.
-
If DTLS is disabled on an interface, then SSL VPN connections must use SSL/TLS tunnels.
-
Because if requires two tunnels, it may experience more latency issues than SSL connections.
Correct Answer: AD
Question No.127
What technique can an attacker use to obfuscate a malware application payload, allowing it to bypass standard security mechanisms?
-
Teredo tunneling
-
A PE32 header
-
Steganography
-
BASE64
-
Decryption
Correct Answer: D
Question No.128
Which three flow protocols can tie SealthWatch System use lo monitor potential security threats? (Choose two)
-
OpenFlow
-
Ntop
-
IPFIX
-
NetFlow
-
sFlow
-
Jflow
Correct Answer: CDE
Question No.129
In a Cisco ISR with cloud Web Security Connector deployment, which command can you enter on the Cisco ISR G2 to verify connectivity to the CWS tower?
-
Show policy-map
-
Show service-policy
-
Show ip nbar
-
Show sw-module
-
Mtrace
-
Show content-scan summary
Correct Answer: A
Question No.130
Which command sequence can you enter to enable IP multicast for WCCPv2?
-
Router(config)#ip wccp web-cache group-address 224.1.1.100 Router(config)# interface FastEthernet0/0
Router(config-if)#ip wccp web-cache redirect out
-
Router(config)#ip wccp web-cache group-list Router(config)# interface FastEthernet0/0 Router(config)# ip wccp web-cache group-listen
-
Router(config)#ip wccp web-cache service-list Router(config)# interface FastEthernet0/0 Router(config)# ip wccp web-cache group-listen
-
Router(config)#ip wccp web-cache group-address 224.1.1.100 Router(config)# interface FastEthernet0/0
Router(config)# ip wccp web-cache redirect in
-
Router(config)#ip wccp web-cache group-address 224.1.1.100 Router(config)# interface FastEthernet0/0
Router(config)# ip wccp web-cache group-listen
Correct Answer: E
Get Full Version of the Exam
400-251 Dumps
400-251 VCE and PDF