400-251 Latest Exam (Aug 2018)

[Free] 2018(Aug) Ensurepass Cisco 400-251 Dumps with VCE and PDF 51-60

August 12, 2018

Ensurepass.com : Ensure you pass the IT Exams
2018 Aug Cisco Official New Released 400-251
100% Free Download! 100% Pass Guaranteed!

CCIE Security Written Exam (v5.0)

Question No: 51 – (Topic 1)

Which two options are unicast address types for IPv6 addressing?(Choose two)

  1. Link-local.

  2. Established.

  3. Global

  4. Dynamic

  5. Static

Answer: A,C

Question No: 52 – (Topic 1)

Which two options are benefits of the Cisco ASA transparent firewall mode?(Choose two)

  1. It can establish routing adjacencies.

  2. It can perform dynamic routing.

  3. It can be added to an existing network without significant reconfiguration.

  4. It supports extended ACLs to allow Layer 3 traffic to pass from higher lower security interfaces.

  5. It provides SSL VPN support.

Answer: C,D

Question No: 53 – (Topic 1)

Which three statements about SXP are true?(Choose three)

  1. It resides in the control plane, where connections can be initiated from a listener.

  2. Packets can be tagged with SGTs only with hardware support.

  3. Each VRF supports only one CTS-SXP connection.

  4. To enable an access device to use IP device tracking to learn source device IP addresses,DHCP snooping must be configured.

  5. The SGA ZBPF uses the SGT to apply forwarding decisions.

  6. SeparateVRFs require different CTS-SXP peers, but they can use the same source IP addresses.

Answer: A,B,C

Question No: 54 – (Topic 1)

Which two statements about ping flood attacks are true?(Choose two)

  1. They attack by sending ping requests to the return address of the network.

  2. They use ICMP packets.

  3. They attack by sending ping requests to the return address of the network.

  4. The attack is intended to over whelm the CPU of the target victim.

  5. They use SYN packets.

Answer: B,D

Question No: 55 – (Topic 1)

Refer to the exhibit.

Ensurepass 2018 PDF and VCE

After you applied this Ether Channel configuration to a Cisco ASA, the Ether Channel failed to come up. Which reason for the problem is the most likely?

  1. The lacp system-priority and lacp port-priority values are the same.

  2. The Ether Chanel requires three ports, and only two are configured.

  3. The Ether Chanel is disabled.

  4. The channel group modes are mismatched

Answer: D

Question No: 56 – (Topic 1)

Which three VSA attributes are present in a RADIUS WLAN Access-Accept packet? (Choose Three)

  1. Tunnel-Private-Group-ID

  2. Tunnel-Type

  3. SSID

  4. EAP-Message

  5. LEAP Session-Key

  6. Authorization-Algorithm-Type

Answer: A,B,C

Question No: 57 – (Topic 1)

Refer to the exhibit,

Ensurepass 2018 PDF and VCE

What are two functionalities of this configuration?(Choose two)

  1. Traffic will not be able to pass on gigabit Ethernet 0/1.

  2. The ingress command is used for an IDS to send a reset onvlan 3 only.

  3. The source interface should always be a VLAN.

  4. The encapsulation command is used to deep scan on dotlq encapsulated traffic.

  5. Traffic will only be send to gigabit Ethernet 0/20

Answer: B,E

Question No: 58 – (Topic 1)

Which two statement about the Cisco Any Connect VPN Client are true?(Choose two)

  1. To improve security, keep alives are disabled by default.

  2. It can be configured to download automatically without prompting the user.

  3. It can use an SSL tunnel and a DTLS tunnel simultaneously.

  4. By default, DTLS connections can fall back to TLS.

  5. It enable users to manage their own profiles.

Answer: B,C

Question No: 59 – (Topic 1)

Which effect of theip nhrp map multicast dynamic command is true?

  1. It configures a hub router to automatically add spoke routers to multicast replication list of the hub.

  2. It enables a GRE tunnel to operate without the IPsec peer or crypto ACLs.

  3. It enables a GRE tunnel to dynamically update the routing tables on the devices at each end of the tunnel.

  4. It configures a hub router to reflect the routes it learns from a spoke back to other spoke back to other spokes through the same interface.

Answer: A

Question No: 60 – (Topic 1)

Which two characteristics of DTLS are true? (Choose two)

  1. It includes a congestion control mechanism

  2. It supports long data transfers and connections data transfers

  3. It completes key negotiation and bulk data transfer over a single channel

  4. It is used mostly by applications that use application layer object-security protocols

  5. It includes a retransmission method because it uses an unreliable datagram transport

  6. It cannot be used if NAT exists along the path

Answer: A,E

100% Ensurepass Free Download!
400-251 PDF
100% Ensurepass Free Guaranteed!
400-251 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No