Ensurepass.com : Ensure you pass the IT Exams
2018 May Cisco Official New Released 400-251
100% Free Download! 100% Pass Guaranteed!
CCIE Security Written Exam (v5.0)
Question No: 261 – (Topic 2)
Which two commands would enable secure logging on Cisco ASA to a syslog server at
10.0.0.1? (Choose two)
-
logging host inside 10.0.0.1 TCP/1500 secure
-
logging host inside 10.0.0.1 UDP/514 secure
-
logging host inside 10.0.0.1 TCP/1470 secure
-
logging host inside 10.0.0.1 UDP/500 secure
-
logging host inside 10.0.0.1 UDP/447 secure
Answer: A,C
Question No: 262 – (Topic 2)
Which five of these are criteria for rule-based rogue classification of access points by the cisco Wireless LAN
controller? (Choose five)
-
MAC address range
-
MAC address range number of clients it has
-
open authentication
-
whether it matches a user-configured SSID
-
whether it operates on an authorized channel
-
minimum RSSI
-
time of day the rogue operates
-
Whether it matches a managed AP SSID
Answer: B,C,D,F,H
Question No: 263 – (Topic 2)
You are developing an application to manage the traffic flow of a switch using an OpenDaylight controller. Knowing you use a Northbound REST API ,which statement is true?
-
Different applications, even in different languages, cannot use the same functions in a REST API at same time.
-
The server retains client state records
-
We must teach our applications about the Southbound protocol(s) used
-
The applications are considered to be the clients, and the controller is considered to be the server
Answer: D
Question No: 264 – (Topic 2)
What are three protocol that support layer 7 class maps and policy maps for zone based firewalls? (choose three)
-
IMAP
-
RDP
-
MME
-
ICQ
-
POP3
-
IKE
Answer: A,D,E
Question No: 265 DRAG DROP – (Topic 2)
Drag and drop the role on the left onto their responsibility in the change-management process on the right
Answer:
Explanation:
-
Change Builder – Plans and Implement
-
Change Comittee – Determines whether 3 Customer – Submit Change Request
4 Project Manager – Owns and Leads
Question No: 266 – (Topic 2)
All of these Cisco security products provide event correlation capabilities excepts which one?
-
Cisco Security MARS
-
Cisco Guard/Detector
-
Cisco ASA adaptive security appliance
-
Cisco IPS
-
Cisco Security Agent.
Answer: C
Question No: 267 – (Topic 2)
Refer to the exhibit. What are the two effects of the given configuration? (Choose two)
-
It permits Time Exceeded messages that indicate the fragment assembly time was exceeded
-
It permits Destination Unreachable messages that indicate the host specified in the datagram rejected the message due to filtering
-
It permits Destination Unreachable messages that indicate a problem delivering the datagram to the
destination address specified in the datagram
-
It permits Parameter Problem messages that indicate an unrecognized value in the Next Header Filed
-
It permits Parameter Problem messages that indicate an error in the header
-
It permits Destination Unreachable messages that indicate an invalid port on the host specified in the datagram
Answer: C,F
Question No: 268 – (Topic 2)
Which two statements about global ACLs are true? (Choose two)
-
They support an implicit deny
-
They are applied globally instead of being replicated on each interface
-
They override individual interface access rules
-
They require an explicit deny
-
They can filer different packet types than extended ACLs
-
They require class-map configuration
Answer: A,B
Question No: 269 DRAG DROP – (Topic 2)
Drag and drop the description on the left on to the associated item on the right.
Answer:
Explanation: Collection of similar programs that work together to execute specific tasks: Botnet
Independent malicious program copies itself: Worms
Programs that appear to have one function but actually performs a different function: Trojan horse
Programs that modify other programs: Virus
Question No: 270 – (Topic 2)
Which Cisco ASA firewall mode supports ASDM one-time-password authentication using RSA SecurID?
-
Network translation mode
-
Single-context routed mode
-
Multiple-context mode
-
Transparent mode
Answer: B
100% Ensurepass Free Download!
–Download Free Demo:400-251 Demo PDF
100% Ensurepass Free Guaranteed!
–400-251 Dumps
EnsurePass | ExamCollection | Testking | |
---|---|---|---|
Lowest Price Guarantee | Yes | No | No |
Up-to-Dated | Yes | No | No |
Real Questions | Yes | No | No |
Explanation | Yes | No | No |
PDF VCE | Yes | No | No |
Free VCE Simulator | Yes | No | No |
Instant Download | Yes | No | No |