Ensurepass.com : Ensure you pass the IT Exams
2018 Aug Cisco Official New Released 400-251
100% Free Download! 100% Pass Guaranteed!
CCIE Security Written Exam (v5.0)
Question No: 1 – (Topic 1)
Refer to the exhibit.
Which two effects of this configuration are true?(Choose two)
-
IGMPv2 leave group messages are stored in the switch CAM table for faster processing.
-
Hosts send leave group messages to the all-router multicast address when they want to stop data for that group
-
It improves the processing time of CGMP leave messages
-
Hosts send leave group messages to the Solicited-Node Address multicast address FF02::1 :ff00:0000/104
-
It optimizes the use of network bandwidth on the LAN segment.
-
It allows the switch to detect IGMPv2 leave group messages.
Answer: E,F
Question No: 2 – (Topic 1)
Which three statement about 802.1x multiauthentication mode are true?(Choose three)
-
It requires each connected client to authenticate individually.
-
Each multiauthentication port can support only one voice VLAN.
-
It can be deployed in conjunction with MDA functionality on voice VLANs.
-
It is recommended for auth-fail VLANS.
-
It is recommended for guest VLANs.
-
On non-802.1x devices, it can support only one authentication method on a single port.
Answer: A,B,C
Question No: 3 – (Topic 1)
Which three messages are part of the SSL protocol?(Choose three)
-
Alert.
-
Handshake.
-
Record.
-
CipherSpec.
-
Message Authorization.
-
Change CipherSpec.
Answer: A,B,F
Question No: 4 – (Topic 1)
Refer to the exhibit .
Which data format is used in this script?
-
API
-
JavaScript
-
JSON
-
YANG
-
XML
Answer: E
Question No: 5 – (Topic 1)
Refer to the exhibit.
Which two effects of this configuration are true?(Choose two)
-
User five can execute the show run command.
-
User fivecan view usernames and passwords.
-
User superusercan change usernames and passwords.
-
User superuser can view the configuration.
-
User superuser can view usernames and password.
-
User cisco canview usernames and password.
Answer: A,D
Question No: 6 – (Topic 1)
Refer to the exhibit.
Which two effects of this configuration are true?(Choose two)
-
If the TACACS server is unreachable ,the switch places hosts on critical ports in VLAN 50.
-
If the authentication priority is changed, the order in switch authentication is performed also changes.
-
If multiple hosts have authenticated to the same port, each can be in their own assigned VLAN
-
The port attempts 802.1x authentication first, and. then falls back to MAC authentication bypass.
-
The device allows multiple authenticated sessions for a single MAC address in the voice domain.
-
The switch periodically sends an EAP-Identity-Request to the endpoint supplicant.
Answer: D,E
Question No: 7 – (Topic 1)
What are the two different modes in which Private AMP cloud can be deployed?(Choose two )
-
Air Gap Mode.
-
External Mode.
-
Internal Mode.
-
Public Mode.
-
Could Mode.
-
Proxy Mode.
Answer: A,E
Question No: 8 – (Topic 1)
Which two statements about Botnet Traffic Filter snooping are true?(Choosetwo)
-
It requires DNS packet inspection to be enabled to filter domain names in the dynamic database.
-
It requires the Cisco ASA DNS server to perform DNS lookups.
-
It can inspect both IPV4 and IPV6 traffic.
-
It can log and block suspicious connections from previously unknown bad domains and IP addresses.
-
It checks inbound traffic only.
-
It checks inbound and outbound traffic.
Answer: A,F
Question No: 9 – (Topic 1)
Which two statements about uRPF are true?(Choose two)
-
The administrator can configurethe allow-defaultcommand to force the routing table to use only the default .
-
It is not supported on the Cisco ASA security appliance.
-
The administrator can configure the ip verify unicast source reachable-via any command to enable the RPF check to work through HSRP touting groups.
-
The administrator can use thes how cef interface command to determine whether uRPF is enabled.
-
In strict mode, only one routing path can be available to reach network devices on a subnet..
Answer: D,E
Question No: 10 – (Topic 1)
Which command on Cisco ASA you can enter to send debug messages to a syslog server?
-
Loggingdebug-trace
-
Logging host
-
Logging traps
-
Logging syslog
Answer: B
100% Ensurepass Free Download!
–400-251 PDF
100% Ensurepass Free Guaranteed!
–400-251 Dumps
EnsurePass | ExamCollection | Testking | |
---|---|---|---|
Lowest Price Guarantee | Yes | No | No |
Up-to-Dated | Yes | No | No |
Real Questions | Yes | No | No |
Explanation | Yes | No | No |
PDF VCE | Yes | No | No |
Free VCE Simulator | Yes | No | No |
Instant Download | Yes | No | No |