Ensurepass.com : Ensure you pass the IT Exams
2018 Aug Cisco Official New Released 400-251
100% Free Download! 100% Pass Guaranteed!
CCIE Security Written Exam (v5.0)
Question No: 61 – (Topic 1)
Refer to the exhibit.
Which two configurations must you perform to enable the device to use this class map?(Choose two)
-
Configure PDLM
-
Configure the ip nbar custom command
-
Configure the ip nbar protocoldiscovery command.
-
Configure the transport hierarchy
-
Configure the DSCP value.
Answer: A,C
Question No: 62 – (Topic 1)
Within Platform as a Service, which two components are managed by the customer?(Choose two)
-
Data.
-
Networking.
-
Middleware.
-
Applications.
-
Operating system
Answer: A,D
Question No: 63 – (Topic 1)
Which three transports have been defined for SNMPv3?(Choose three)
-
SSL
-
TLS
-
GET
-
SSH
-
IPsec secured tunnel
-
DTLS
Answer: A,B,F
Question No: 64 – (Topic 1)
Which two options are benefits of network summarization? (Choose two)
-
It can summarize discontiguous IP addresses.
-
It can easily be added to existing networks.
-
It can increase the convergence of the network.
-
It prevents unnecessary routing updates at the summarization boundary if one of the routes in the summary is unstable
-
It reduces the number of routes.
Answer: D,E
Question No: 65 – (Topic 1)
Which file extensions are supported on the Firesight Management Center 6.1(3.1)file policies that can be analyzed dynamically using the Threat Grid Sandbox integration?
-
MSEXE, MSOLE2, NEW-OFFICE,PDF;
-
DOCX, WAV,XLS,TXT
-
TXT, MSOLE2, WAV, PDF.
-
DOC, MSOLE2, XML, PF.
Answer: A
Question No: 66 – (Topic 1)
From the list below, which one is the major benefit of AMP Threat GRID?
-
AMP Threat Grid collects file information from customer servers and run tests on them to see if they are infected with viruses
-
AMP Threat Grid learns ONLY from data you pass on your network and not from anything else to monitor for suspicious behavior. This makes the system much faster and efficient
-
AMP Threat Grid combines Static, and Dynamic Malware analysis with threat intelligence into one combined solution
-
AMP Threat Grid analyzes suspicious behavior in your network against exactly 400 behavioral indicators
Answer: C
Question No: 67 – (Topic 1)
Refer to the exhibit.
Which meaning of this error message on a Cisco ASA is true?
-
The route map redistribution is configured incorrectly.
-
The default route is undefined.
-
A packet was deniedand dropped by an ACL.
-
The host is connected directly to the firewall.
Answer: B
Question No: 68 – (Topic 1)
Refer to the exhibit.
A user authenticates to the NAS, which communicates to the VACAS server authentication. The TACACS SERVERthen accesses the Active Directory Server through the ASA firewall to validate the user credentials. Which protocol-Port pair must beallowed access through the ASA firewall?
-
SMB over TCP 455.
-
DNS over UDP 53.
-
LDAP over UDP 389.
-
global catalog over UDP 3268.
-
TACACS over TCP 49.
-
DNS over TCP 53.
Answer: C
Question No: 69 – (Topic 1)
Which encryption type is used by ESA for implementing the Email Encryption?
-
PKI.
-
S/MMIE Encryption.
-
Identity Based Encryption(IBE).
-
TLS.
-
SSL Encryption.
Answer: B
Question No: 70 – (Topic 1)
Which two options are benefits the Cisco ASA Identity Firewall?(Choose two)
-
It supports an AD server module to verify identity data.
-
It can operate completely independently of other servers.
-
It decouples security policies from the network topology.
-
It can apply security policies on an individual user or user-group basis
-
It can identify threats quickly based on their URLs.
Answer: A,D
100% Ensurepass Free Download!
–400-251 PDF
100% Ensurepass Free Guaranteed!
–400-251 Dumps
| EnsurePass | ExamCollection | Testking | |
|---|---|---|---|
| Lowest Price Guarantee | Yes | No | No |
| Up-to-Dated | Yes | No | No |
| Real Questions | Yes | No | No |
| Explanation | Yes | No | No |
| PDF VCE | Yes | No | No |
| Free VCE Simulator | Yes | No | No |
| Instant Download | Yes | No | No |