400-251 Exam Details

  • Exam Code: 400-251
  • Exam Name: CCIE Security Written
  • Certification: Cisco Certifications
  • Vendor: Cisco
  • Total Questions: 665 Q&As
  • Last Updated: Dec 10, 2021

Cisco 400-251 Online Questions & Answers

  • Question 131:

    Which statement about Social Engineering attack is true?

    A. It is a method of extracting non-confidential information
    B. It can be done by a person who is inside or outside of the organization
    C. It is always done by having malicious ads on untrusted websites for the users to browse
    D. It is always performed through an email from a person that you know
    E. The phishing technique cannot be used to launch the attack
    F. It uses the reconnaissance method for exploitation

  • Question 132:

    RFID is a technology widely used in IoT networks today. Which two features of RFID technologies are correct? (Choose two)

    A. RFID readers do not require anti-collision protocols to minimize collisions
    B. Semi-passive tags have an on-board power source which is used to energize microchips
    C. RFID readers can suffer from a lack of sufficient memory and computational resources
    D. RFID tag collision results in an increase of identification delays
    E. RFID uses CDMA and CSMA for the prevention of collisions on RFID systems

  • Question 133:

    How does Scavenger-class QoS mitigate DoS and worm attacks?

    A. It monitors normal traffic flow and drops burst traffic above the normal rate for a single host.
    B. It matches traffic from individual hosts against the specific network characteristics of known attack types.
    C. It sets a specific intrusion detection mechanism and applies the appropriate ACL when matching traffic is deleted.
    D. It monitors normal traffic flow and aggressively drops sustained abnormally high traffic streams from multiple hosts.

  • Question 134:

    Which statement about SenderBase reputation scoring on an ESA device is true?

    A. Application traffic from known bad sites can be throttled or blocked
    B. Sender reputation scores can be assigned to domains, IP addresses, and MAC addresses
    C. Mail with scores in the medium range can be automatically routed for antimalware scanning
    D. A high score indicates that a message is very likely to be spam
    E. You can configure a custom score threshold for whitelisting messages.
    F. By default, all messages with a score below zero are dropped or throttled

  • Question 135:

    For your enterprise ISE deployment, you are looking to use certificate-based authentication for all your Windows machines. You have already gone through the exercise of pushing the machine and user certificates out to all the machines using GPO. Certificate-based authentication, by default, doesn't check the certificate against Active Directory or require credentials from the user. This essentially means that no groups are returned as a part of the authentication request. What are the possible ways to authorize the user based on Active Directory group membership?

    A. Configure the Windows supplicant to use saved credentials as well as certificate-based authentication
    B. Enable Change of Authorization on the deployment to perform double authentication
    C. Use EAP authorization to retrieve group information from Active Directory
    D. The certificate should be configured with the appropriate attributes which contain appropriate group information, which can be used in Authorization policies
    E. Use ISE as the Certificate Authority, which will then allow automatic group retrieval from Active Directory to perform the required authorization
    F. Configure Network Access Device (NAD) to bypass certificate-based authentication and push configured user credentials as a proxy to ISE

  • Question 136:

    Which three of these make use of a certificate as part of the protocol? (Choose three)

    A. EAP-MD5
    B. EAP-PEAP
    C. EAP-TLS
    D. LEAP
    E. EAP-FAST
    F. EAP-TTLS

  • Question 137:

    Which three statements about the SHA-2 algorithm are true? (Choose three)

    A. It provides a fixed-length output using a collision-resistant cryptographic hash.
    B. It provides a variable-length output using a collision-resistant cryptographic hash.
    C. It generates a 512-bit message digest.
    D. It generates a 160-bit message digest.
    E. It is used for integrity verification
    F. It is the collective term for the SHA-224, SHA-256, SHA-384, and SHA-512 algorithms.

  • Question 138:

    Which statement correctly describes TAP mode deployment in IPS?

    A. Access rules configured in TAP mode generate events when triggered as well as perform the defined action on the traffic stream.
    B. TAP mode is available when ports are configured as passive interfaces.
    C. Access rules configured in TAP mode do not generate events.
    D. TAP mode implementation requires SPAN configuration on a switch.
    E. TAP mode is available when IPS is deployed inline.
    F. In TAP mode traffic flow gets disturbed for analysis.

  • Question 139:

    Which three requirements for multi cloud customers to connect, protect and consume cloud services are true? (Choose three)

    A. Interoperability
    B. Networking
    C. API integration
    D. Software
    E. Analytics
    F. Security

  • Question 140:

    Refer to the exhibit, what IPsec function does the given debug output demonstrate?

    A. Crypto ACL confirmation
    B. DH exchange initiation
    C. PFS parameter negotiation
    D. Setting SPIs to pass traffic

Tips on How to Prepare for the Exams

Certification exams are increasingly important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only Cisco exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 400-251 exam preparation and Cisco certification application, do not hesitate to visit Vcedump.com to find your solutions.