[Free] 2017(Oct) Dumps4cert Testinsides Cisco 400-251 Dumps with VCE and PDF Download 301-310

Dumps4Cert 2017 Oct Cisco Official New Released 400-251
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4Cert.com/400-251.html

CCIE Security Written Exam (v5.0)

Question No: 301 – (Topic 2)

For which two reasons BVI is required in the Transparent Cisco IOS Firewall? (Choose two)

  1. BVI is required for the inspection of IP traffic.

  2. The firewall can perform routing on bridged interfaces.

  3. BVI is required if routing is disabled on the firewall.

  4. BVI is required if more than two interfaces are in a bridge group.

  5. BVI is required for the inspection of non-IP traffic.

  6. BVI can manage the device without having an interface that is configured for routing.

Answer: D,F

Question No: 302 – (Topic 2)

How does a wireless association flood attack create a DoS?

  1. It sends a high-power RF pulse that can damage the internals of the AP

  2. It spoofs disassociation frames from the access point.

  3. It uses a brute force attack to crack the encryption.

  4. It exhausts the access client association table.

Answer: D

Question No: 303 – (Topic 2)

What are the two technologies that support AFT? (Choose two)

  1. NAT-PT

  2. SNAT

  3. NAT64

  4. DNAT

  5. NAT-PMP

  6. NAT-6to4

Answer: A,C

Question No: 304 – (Topic 2)

NWhich two statements about the ISO are true? (Choose two.

  1. The ISO is a government-based organization.

  2. The ISO has three membership categories: Member, Correspondent, and Subscribers.

  3. Subscriber members are individual organizations.

  4. Only member bodies have voting rights.

  5. Correspondent bodies are small countries with their own standards organization.

Answer: B,D

Explanation: Member bodies are national bodies considered the most representative standards body in each country. These are the only members of ISO that have voting rights.

Question No: 305 – (Topic 2)

Refer to the exhibit . What is the meaning of the given error message?

  1. The PFS groups are mismatched.

  2. The pre-shared keys are mismatched.

  3. The mirrored crypto ACLs are mismatched.

  4. IKE is disabled on the remote peer.

Answer: B

Question No: 306 – (Topic 2)

Which two options are disadvantages of MPLS layers 3 VPN services? (choose two)

  1. They requires cooperation with the service provider to implement transport of non-IP traffic.

  2. SLAs are not supported by the service provider.

  3. It requires customers to implement QoS to manage congestion in the network.

  4. Integration between Layers 2 and 3 peering services is not supported.

  5. They may be limited by the technology offered by the service provider.

  6. They can transport only IPv6 routing traffic.

Answer: D,E

Question No: 307 – (Topic 2)

What security element must an organization have in place before it can implement a security audit and validate the audit results?

  1. firewall

  2. network access control

  3. an incident response team

  4. a security policy

  5. a security operation center

Answer: D

Question No: 308 – (Topic 2)

Which two answers describe provisions of the SOX Act and its international counterpart Acts? (Choose two.)

  1. confidentiality and integrity of customer records and credit card information

  2. accountability in the event of corporate fraud

  3. financial information handled by entities such as banks, and mortgage and insurance

    brokers

  4. assurance of the accuracy of financial records

  5. US Federal government information

  6. security standards that protect healthcare patient data

Answer: B,D

Explanation: 826)A Cisco Easy VPN software client is unable to access its local LAN devices once the VPN tunnel is established. What is the best way to solve this issue?

  1. The IP address that is assigned by the Cisco Easy VPN Server to the client must be on the same network as the local LAN of the client.

  2. The Cisco Easy VPN Server should apply split-tunnel-policy excludespecified with a split-tunnel-list containing the local LAN addresses that are relevant to the client.

  3. The Cisco Easy VPN Server must push down an interface ACL that permits the traffic to the local LAN from the client.

  4. The Cisco Easy VPN Server should apply a split-tunnel-policy tunnelall policy to the client.

  5. The Cisco Easy VPN client machine needs to have multiple NICs to support this.

Answer: B

Question No: 309 – (Topic 2)

Which two statements about NAT-PT with IPv6 are true?(choose twp)

  1. It can be configured as dynamic, static, or PAT.

  2. It provides end-to-end security.

  3. It supports IPv6 BVI configurations.

  4. It provides support for Cisco Express Forwarding.

  5. It provides ALG support for ICMP and DNS.

  6. The router can be a single point of failure on the network.

Answer: A,E

Question No: 310 – (Topic 2)

what is the most commonly used technology to establish an encrypted HTTP connection?

  1. the HTTP/1.1 Upgrade header

  2. the HTTP/1.0 Upgrade header

  3. Secure Hypertext Transfer Protocol

  4. HTTPS

Answer: D

100% Free Download!
Download Free Demo:400-251 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4Cert 400-251 Full Exam PDF and VCE

Dumps4Cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4Cert IT Certification PDF and VCE

Leave a Reply

Your email address will not be published. Required fields are marked *