[Free] 2017(Oct) Dumps4cert Testinsides Cisco 400-251 Dumps with VCE and PDF Download 161-170

Dumps4Cert 2017 Oct Cisco Official New Released 400-251
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4Cert.com/400-251.html

CCIE Security Written Exam (v5.0)

Question No: 161 – (Topic 2)

Which Statement about remote procedure calls is true?

  1. They support synchronous and asynchronous requests.

  2. They can emulate different hardware specifications on a single platform.

  3. They support optimized data replication among multiple machines.

  4. They use a special assembly instruction set to process remote code without conflicting

    with other remote processes.

  5. They can be invoked by the client and the server.

Answer: D

Question No: 162 – (Topic 2)

Which two statements about the DES algorithm are true? (Choose two)

  1. The DES algorithm is based on asymmetric cryptography.

  2. The DES algorithm is a stream cipher.

  3. The DES algorithm is based on symmetric cryptography.

  4. The DES algorithm encrypts a block of 128 bits.

  5. The DES algorithm uses a 56-bit key.

Answer: C,E

Question No: 163 – (Topic 2)

Which two statement about DTLS are true ? (choose two)

  1. Unlike TLS,DTLS support VPN connection with ASA.

  2. It is more secure that TLS.

  3. When DPD is enabled DTLS connection can automatically fall back to TLS.

  4. It overcomes the latency and bandwidth problem that can with SSL.

  5. IT come reduce packet delays and improve application performance.

  6. It support SSL VPNs without requiring an SSL tunnel.

Answer: C,D

Question No: 164 DRAG DROP – (Topic 2)

Drag each type of spoofing attack on the left on an action you can take to prevent it on the right?

Dumps4Cert 2017 PDF and VCE

Answer:

Dumps4Cert 2017 PDF and VCE

Explanation: ARP spoofing: Enable dyna mic ARP inspection. DHCP spoofing: Filter messages and traffic from untrusted sources.

DNS spoofing: Apply current updates and zone transfers only from trusted sources regularly. IP spoofing: Enables IP source guard.

TCP spoofing: Enable filtering on the router.

URL Spoofing: Apply periodic web browser security patches.

Question No: 165 – (Topic 2)

CCMP (CCM mode Protocol) is based on which algorithm?

  1. 3DES

  2. Blowfish

  3. RC5

  4. AES

  5. IDEA

Answer: D

Question No: 166 – (Topic 2)

Which two statement about IPv6 path MTU discovery are true? (choose two)

  1. The discover packets are dropped if there is congestion on the link.

  2. the initial path MTU is the same as the MTU of the original node’s link layer interface

  3. It can allow fragmentation when the minimum MTU is blow a configured value

  4. During the discover process the DF bit is set to 1

  5. If the source host receiver an ICMPv6 packet too BIG message from a router it reduces its path MTU

  6. IF the destination host receives and ICMPv6 packet too Big message from a router it reduces its path MTU

Answer: B,E

Question No: 167 DRAG DROP – (Topic 2)

Drag and drop the desktop-security terms from the left onto their right definitions on the right?

Dumps4Cert 2017 PDF and VCE

Answer:

Dumps4Cert 2017 PDF and VCE

Explanation:

governance = directing and controlling information and communications technology penetration testing = using hacking techniques to attempt to bypass existing security phishing = attempting to elict information from users by sending targeted emails

SSO = allowing users to sign in to multiple systems without reentering their credentials two factor authentication = using more than one mechanism to verify a user login

Question No: 168 – (Topic 2)

What are three ways you can enforce a BCP38 policy on an internet edge policy?(choose three)

  1. Avoid RFC1918 internet addressing.

  2. Implement Cisco Express Forwarding.

  3. Implement Unicast RPF.

  4. Apply ingress filters for RFC1918 addresses.

  5. Apply ingress ACL filters for BOGON routes.

  6. Implement source NAT.

Answer: B,C,E

Question No: 169 DRAG DROP – (Topic 2)

Drag each SSI encryption algorithm on the left to the encryption and hashing values it uses on the Right?

Dumps4Cert 2017 PDF and VCE

Answer:

Dumps4Cert 2017 PDF and VCE

Explanation: 3DES-sha1: 168 bit encryption with 160 bit hash DES-sha1: 56 bit encryption with 160 bit hash Null sha1: 160 bit hash without encryption

RC4-md5: 128 bit with 128 bit hash RC4-sha1: 128 bit with 160 bit hash.

Question No: 170 – (Topic 2)

Which three options are methods of load-balancing data in an ASA cluster environment?(Choose three)

  1. HSRP

  2. spanned EtherChannel

  3. distance-vector routing

  4. PBR

  5. floating static routes

  6. ECMP

Answer: B,D,F

100% Free Download!
Download Free Demo:400-251 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4Cert 400-251 Full Exam PDF and VCE

Dumps4Cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4Cert IT Certification PDF and VCE

Leave a Reply

Your email address will not be published. Required fields are marked *