Download Cisco.EnsurePass.400-251.v13-01.2017-04-13.1e.102q.vcex

Download Exam

File Info

Exam CCIE Security Written Exam v5.1
Number 400-251
File Name Cisco.EnsurePass.400-251.v13-01.2017-04-13.1e.102q.vcex
Size 6.83 Mb
Posted April 13, 2017
Downloads 29

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Coupon: EXAM_HUB

Discount: 20%


Demo Questions

Question 1
Which two OSPF network types support the concept of a designated router? (Choose two.)

  • A: broadcast
  • B: NBMA
  • C: point-to-multipoint
  • D: point-to-multipoint nonbroadcast
  • E: loopback

Question 2
Drag each IPS Signature Engine on the left to the matching description on the right

Question 3
Given the IPv4 address, which two address are valid IPv4-compatible IPv6 addresses? (Choose two)

  • A: 0:0:0:0:0:10:10:100:16
  • B: 0:0:10:10:10:16:0:0:0
  • C: 0:0:10:10:100:16:0:0:0
  • D: ::10:10:100:16
  • E: :::A:A:64:10

Question 4
What technology can you implement on your network to allow IPv4-dependent applications to  
work with IPv6- capable application?

  • A: NAT 6to4
  • B: DS-lite
  • C: NAT-PT
  • E: NAT64

Question 5
Which three fields are part of the AH header? (Choose three)

  • A: Destination address
  • B: Protocol ID
  • C: Packet ICV
  • D: SPI identifying SA
  • E: Next header
  • F: Application port
  • G: Source address

Question 6
What ASA feature can do use to restrict a user to a specific VPN group?

  • A: A webtypeACL
  • B: MPF
  • C: A VPN filter
  • D: Group-lock

Question 7
Which two statements about SGT Exchange Protocol are true? (Choose two)

  • A: It propagates the IP-to-SGT binding table across network devices that do not have the ability to perform SGT tagging at Layer 2 to devices that support it
  • B: SXP runs on UDP port 64999
  • C: A connection is established between a "listener" and a "speaker"
  • D: SXP is only supported across two hops
  • E: SXPv2 introduces connection security via TLS

Question 8
Which three statements are true regarding RFC 5176 (Change of Authorization)? (Choose three.)

  • A: It defines a mechanism to allow a RADIUS server to initiate a communication inbound to a NAD.
  • B: It defines a wide variety of authorization actions, including "reauthenticate."
  • C: It defines the format for a Change of Authorization packet.
  • D: It defines a DM.
  • E: It specifies that TCP port 3799 be used for transport of Change of Authorization packets.

Question 9
How does a wireless association flood attack create a DoS?

  • A: It sends a high-power RF pulse that can damage the internals of the AP
  • B: It spoofs disassociation frames from the access point.
  • C: It uses a brute force attack to crack the encryption.
  • D: It exhausts the access client association table.

Question 10
What are two feature that can be used to drop incoming traffic with spoofed bogon address?  
(Choose two)

  • A: Unicast RPF
  • B: ingress ACLs 
  • C: flexible ACLs
  • D: egress ACLs
  • E: reflexive ACLs
  • F: Source Specific Multicast



You can buy ProfExam with a 20% discount..

Get Now!


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen


Use VCE Exam Simulator to open VCE files