1. Home
  2. Cisco
  3. 400-251

Cisco 400-251 Online Practice Questions and Exam Preparation

400-251 Exam Details

  • Exam Code
    :400-251
  • Exam Name
    :CCIE Security Written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :665 Q&As
  • Last Updated
    :Dec 10, 2021

Cisco 400-251 Online Questions & Answers

  • Question 151:

    Which authentication does WCCPv2 use to protect messages against interception, inspection, and replay attacks?

    A. MD5
    B. clear text
    C. two factor
    D. Kerberos
    E. EAP

  • Question 152:

    Which statement correctly represents the ACI security principle of Object Model?

    A. It is logical representation of an application and its interdependencies in the network fabric
    B. It is policy placed at the intersection of a source and destination EPGs.
    C. It is defined by the policy applied between EPGs for communication
    D. It consists of one or more tenants having multiple contexts.
    E. These are rules and policies used by an EPG to communicate with other EPGs.
    F. It is collection of endpoints representing an application with in a context

  • Question 153:

    Which three of the following Cisco VPN technologies allow for secure transport and encryption of multicast traffic? (Choose three.)

    A. Static Crypto Map
    B. GETVPN
    C. DMVPN
    D. Dynamic Crypto map
    E. FlexVPN

  • Question 154:

    Which statement is true regarding Private VLAN?

    A. A private VLAN domain can have multiple primary VLAN
    B. Each secondary VLAN in a private VLAN domain needs to have a separate associated primary VLAN
    C. Each port in a private VLAN domain is a member of all the secondary VLANs in that domain
    D. A subdomain in a primary VLAN domain consists of a primary and secondary VLAN pair
    E. In a private VLAN domain a secondary VLAN port needs to be an isolated port for it to be able to communicate with a layer-3 device
    F. In a private VLAN domain a secondary VLAN can have only one promiscuous port

  • Question 155:

    What are two features that helps to mitigate man-in-the-middle attacks? (Choose two)

    A. DHCP snooping
    B. ARP spoofing
    C. destination MAC ACLs
    D. dynamic ARP inspection
    E. ARP sniffing on specific ports

  • Question 156:

    If a packet capture is taken between ISE and an endpoint to capture an EAP-TLS session, you will be able to see:

    A. Certificate and associated private keys from ISE only
    B. Certificates from ISE and the endpoint
    C. Certificate and associated private keys from endpoint only
    D. Certificates from ISE only

  • Question 157:

    Which Statement is true regarding Private VLAN?

    A. A private VLAN domain can have multiple primary VLAN
    B. Each secondary VLAN in a private VLAN domain needs to have a separate associated primary VLAN
    C. Each port in a private VLAN domain is a member of all the secondary VLANs in that domain
    D. A subdomain in a primary VLAN domain consists of a primary and secondary VLAN pair
    E. In a private VLAN domain a secondary VLAN port needs to be an isolated port for it to be able to communicate with a layer-3 device
    F. In a private VLAN domain a secondary VlAN can have only one promiscuous port

  • Question 158:

    Refer to the exhibit. Which effect of this configuration is true?

    class Partner-Class limit-resource routers 50 limit-resource ASDM 4 limit-resource VPN other 400 limit-resource xlates 18000

    A. It allows each context to user all available resources.
    B. It oversubscribes VPN sessions for the given class.
    C. It creates a default class.
    D. It creates a resource class.

  • Question 159:

    What is an appropriate way to prepare ISE for a staged deployment?

    A. Closed Mode > low-impact mode
    B. low-impact mode > monitor mode > Closed Mode
    C. Monitor mode > low-impact mode > Closed Mode
    D. Open mode > Closed mode > low-impact mode

  • Question 160:

    Which three messages are part of the SSL protocol? (Choose three)

    A. Change CipherSpec
    B. Alert
    C. Record
    D. Message Authenication
    E. CipherSpec
    F. Handshake

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 400-251 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.