Ensurepass.com : Ensure you pass the IT Exams
2018 May Cisco Official New Released 400-251
100% Free Download! 100% Pass Guaranteed!

CCIE Security Written Exam (v5.0)

Question No: 261 – (Topic 2)

Which two commands would enable secure logging on Cisco ASA to a syslog server at

10.0.0.1? (Choose two)

  1. logging host inside 10.0.0.1 TCP/1500 secure

  2. logging host inside 10.0.0.1 UDP/514 secure

  3. logging host inside 10.0.0.1 TCP/1470 secure

  4. logging host inside 10.0.0.1 UDP/500 secure

  5. logging host inside 10.0.0.1 UDP/447 secure

Answer: A,C

Question No: 262 – (Topic 2)

Which five of these are criteria for rule-based rogue classification of access points by the cisco Wireless LAN

controller? (Choose five)

  1. MAC address range

  2. MAC address range number of clients it has

  3. open authentication

  4. whether it matches a user-configured SSID

  5. whether it operates on an authorized channel

  6. minimum RSSI

  7. time of day the rogue operates

  8. Whether it matches a managed AP SSID

Answer: B,C,D,F,H

Question No: 263 – (Topic 2)

You are developing an application to manage the traffic flow of a switch using an OpenDaylight controller. Knowing you use a Northbound REST API ,which statement is true?

  1. Different applications, even in different languages, cannot use the same functions in a REST API at same time.

  2. The server retains client state records

  3. We must teach our applications about the Southbound protocol(s) used

  4. The applications are considered to be the clients, and the controller is considered to be the server

Answer: D

Question No: 264 – (Topic 2)

What are three protocol that support layer 7 class maps and policy maps for zone based firewalls? (choose three)

  1. IMAP

  2. RDP

  3. MME

  4. ICQ

  5. POP3

  6. IKE

Answer: A,D,E

Question No: 265 DRAG DROP – (Topic 2)

Drag and drop the role on the left onto their responsibility in the change-management process on the right

Ensurepass 2018 PDF and VCE

Answer:

Ensurepass 2018 PDF and VCE

Explanation:

  1. Change Builder – Plans and Implement

  2. Change Comittee – Determines whether 3 Customer – Submit Change Request

4 Project Manager – Owns and Leads

Question No: 266 – (Topic 2)

All of these Cisco security products provide event correlation capabilities excepts which one?

  1. Cisco Security MARS

  2. Cisco Guard/Detector

  3. Cisco ASA adaptive security appliance

  4. Cisco IPS

  5. Cisco Security Agent.

Answer: C

Question No: 267 – (Topic 2)

Ensurepass 2018 PDF and VCE

Refer to the exhibit. What are the two effects of the given configuration? (Choose two)

  1. It permits Time Exceeded messages that indicate the fragment assembly time was exceeded

  2. It permits Destination Unreachable messages that indicate the host specified in the datagram rejected the message due to filtering

  3. It permits Destination Unreachable messages that indicate a problem delivering the datagram to the

    destination address specified in the datagram

  4. It permits Parameter Problem messages that indicate an unrecognized value in the Next Header Filed

  5. It permits Parameter Problem messages that indicate an error in the header

  6. It permits Destination Unreachable messages that indicate an invalid port on the host specified in the datagram

Answer: C,F

Question No: 268 – (Topic 2)

Which two statements about global ACLs are true? (Choose two)

  1. They support an implicit deny

  2. They are applied globally instead of being replicated on each interface

  3. They override individual interface access rules

  4. They require an explicit deny

  5. They can filer different packet types than extended ACLs

  6. They require class-map configuration

Answer: A,B

Question No: 269 DRAG DROP – (Topic 2)

Drag and drop the description on the left on to the associated item on the right.

Ensurepass 2018 PDF and VCE

Answer:

Ensurepass 2018 PDF and VCE

Explanation: Collection of similar programs that work together to execute specific tasks: Botnet

Independent malicious program copies itself: Worms

Programs that appear to have one function but actually performs a different function: Trojan horse

Programs that modify other programs: Virus

Question No: 270 – (Topic 2)

Which Cisco ASA firewall mode supports ASDM one-time-password authentication using RSA SecurID?

  1. Network translation mode

  2. Single-context routed mode

  3. Multiple-context mode

  4. Transparent mode

Answer: B

100% Ensurepass Free Download!
Download Free Demo:400-251 Demo PDF
100% Ensurepass Free Guaranteed!
400-251 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No