Question No.61
Which two statements about ping flood attacks are true? (Choose two.)
A. They attack by sending ping requests to the broadcast address of the network.
B. They use SYN packets.
C. The attack is intended to overwhelm the CPU of the target victim.
D. They use UDP packets.
E. They use ICMP packets.
F. They attack by sending ping requests to the return address of the network.
Correct Answer: CE
Question No.62
What are two features that help to mitigate man-in-the-middle attacks? (Choose two.)
A. DHCP snooping
B. ARP spoofing
C. destination MAC ACLs
D. dynamic ARP inspection
E. ARP sniffing on specific ports
Correct Answer: AD
Question No.63
Which two statements about Cisco AMP for Web Security are true? (Choose two.)
A. It can prevent malicious data exfiltration by blocking critical files from exiting through the Web gateway.
B. It can perform reputation-based evaluation and blocking by uploading the fingerprint of incoming files to a cloud-based threat intelligence network.
C. It can detect and block malware and other anomalous traffic before it passes through the Web gateway.
D. It can perform file analysis by sandboxing known malware and comparing unknown files to a local repository of the threats.
E. It can identify anomalous traffic passing through the Web gateway by comparing it to an established baseline of expected activity.
F. It continues monitoring files after they pass the Web gateway.
Correct Answer: BF
Question No.64
What are three technologies that can be used to trace the source of an attack in a network environment with multiple exit/entry points? (Choose three.)
A. ICMP Unreachable messages
B. Sinkholes
C. A honey pot
D. Remotely-triggered destination-based black holing
E. Traffic scrubbing
Correct Answer: ADE
Question No.65
What are the most common methods that security auditors use to assess an organization's security processes? (Choose two.)
A. physical observation
B. social engineering attempts
C. penetration testing
D. policy assessment
E. document review
F. interviews
Correct Answer: AF
Question No.66
Which are two of the valid IPv6 extension headers? (Choose two.)
A. Options
B. Authentication Header
C. Mobility
D. Protocol
E. Next Header
F. Hop Limit
Correct Answer: BC
Question No.67
Which type of header attack is detected by Cisco ASA basic threat detection?
A. denial by access list
B. bad packet format
C. failed application inspection
D. connection limit exceeded
Correct Answer: B
Question No.68
Which three statements about RLDP are true? (Choose three.)
A. It detects rogue access points that are connected to the wired network.
B. It can detect rogue APs that use WPA encryption.
C. It can detect rogue APs operating only on 5 GHz.
D. It can detect rogue APs that use WEP encryption.
E. The AP is unable to serve clients while the RLDP process is active.
F. Active Rogue Containment can be initiated manually against rogue devices detected on the wired network.
Correct Answer: AEF
Explanation:
Rogue Location Discovery Protocol (RLDP)
http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/70987-rogue-detect.html
Question No.69
If an ASA device is configured as a remote access IPsec server with RADIUS authentication and password management enabled, which type of authentication will it use?
A. RSA
B. MS-CHAPv2
C. MS-CHAPv1
D. NTLM
E. PAP
Correct Answer: B
Question No.70
You are considering using RSPAN to capture traffic between several switches. Which two configuration aspects do you need to consider? (Choose two.)
A. All switches need to be running the same IOS version.
B. All distribution switches need to support RSPAN.
C. Not all switches need to support RSPAN for it to work.
D. The RSPAN VLAN needs to be blocked on all trunk interfaces leading to the destination RSPAN switch.
E. The RSPAN VLAN needs to be allowed on all trunk interfaces leading to the destination RSPAN switch.
Correct Answer: BE