Ensurepass.com : Ensure you pass the IT Exams
2018 Aug Cisco Official New Released 400-251
100% Free Download! 100% Pass Guaranteed!
CCIE Security Written Exam (v5.0)
Question No: 71 – (Topic 1)
In Which type of multicast does the Cisco ASA forward IGMP messages to the upstream router?
-
clustering
-
PIM multicast routing
-
sub multicast routing
-
multicast group concept
Answer: C
Question No: 72 – (Topic 1)
AMP for Endpoints is supported on Which of these platforms?
-
Windows, MAC,ANDROID.
-
Windows, MAC, LINUX (SuSE, UNUNTU), ANDROID.
-
Windows, ANDROID, LINUX(SuSE, REDHAT).
-
Windows, ANDROID, LINUX(REDHAT, Centos)MAC.
Answer: D
Question No: 73 – (Topic 1)
In which two situations is web authentication appropriate?(Choose two)
-
When secure connections to the network are unnecessary.
-
When a fallback authentication method is necessary.
-
When 802.1x authentication is required.
-
When devices outside the control of the organization’s IT department are permitted to connect to the network.
-
When WEP encryption must be deployed on a large scale
Answer: B,C
Question No: 74 – (Topic 1)
Refer to the exhibit.
Which effect of this configuration is true?
-
If the RADIUS server is unreachable, SSH users cannot authenticate.
-
All commands are validated by the RADIUS server before thedevice executes them.
-
Only SSH users are authenticated against the RADIUS server.
-
Users must be in the RADIUS server to access the serial console.
-
Users accessing the device via SSH and those assessing enable mode are authenticated against the RADIUS server.
Answer: E
Question No: 75 – (Topic 1)
Refer to exhibit
You applied this CPN cluster configuration to n a Cisco ASA and the cluster failed to form. How do you edit the configuration to correct the problem?
-
Define the maximum allowable number of VPN connections.
-
Define the master/slave relationship.
-
Configure the cluster IP address.
-
Enable load balancing.
Answer: C
Question No: 76 – (Topic 1)
Refer to the exhibit.
Which effect of this configuration is true?
-
It allows each context to use all available resources.
-
It over sub scribes VPN session for the given class.
-
It creates a default class.
-
It creates a resource class
Answer: D
Question No: 77 – (Topic 1)
Which two statements about the TTL value in an IPv4 header are true?(Choose two)
-
It is a 4-bit value.
-
It can be used for trace route operations.
-
When it reaches 0,the router sends an ICMP Type 11 message to the originator.
-
Its maximum value is 128.
-
It is a 16-bit value.
Answer: B,C
Question No: 78 – (Topic 1)
Which three Cisco attributes for LDAP authorization are supported on the ASA? (Choose three)
-
L2TP-Encryption
-
Web-VPN-ACL-Filters
-
IPsec-Client-Firewall-Filter-Name
-
Authenticated-User-Idle-Timeout
-
IPsec-Default-Domain
-
Authorization-Type
Answer: B,D,E
Question No: 79 – (Topic 1)
Which two design options are best to reduce security concerns when adopting loT into an organization?(Choose two)
-
Ensure that applications can gather and analyze data at the edge.
-
Implement video analytics on IP cameras.
-
Encrypt sensor data in transit.
-
Segment the Field Area Network form the Data Center network.
-
Encrypt data at rest on all devices in the IOT network.
Answer: D,E
Question No: 80 – (Topic 1)
Which type of header attack is detected by Cisco ASA basic threat detection?
-
Connection limit exceeded.
-
Denial by access list.
-
Failed application inspection.
-
Bad packet format.
Answer: D
100% Ensurepass Free Download!
–400-251 PDF
100% Ensurepass Free Guaranteed!
–400-251 Dumps
| EnsurePass | ExamCollection | Testking | |
|---|---|---|---|
| Lowest Price Guarantee | Yes | No | No |
| Up-to-Dated | Yes | No | No |
| Real Questions | Yes | No | No |
| Explanation | Yes | No | No |
| PDF VCE | Yes | No | No |
| Free VCE Simulator | Yes | No | No |
| Instant Download | Yes | No | No |