400-251 Exam Details
-
Exam Code
:400-251 -
Exam Name
:CCIE Security Written -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:665 Q&As -
Last Updated
:Dec 10, 2021
Cisco 400-251 Online Questions & Answers
-
Question 211:
What are the three scanning engines that the Cisco IronPort dynamic vectoring and streaming engine can use to protect against malware? (Choose three)
A. McAfee
B. TrendMicro
C. Sophos
D. Webroot
E. F-Secure
F. Symantec -
Question 212:
Which statement about SMTP authentication in a Cisco ESA deployment is true?
A. If an authenticating user belongs to more than one LDAP gourp, each with different user roles, AsyncOS grants permissions in accordance with the least.
B. the LDAP servers used by an ESA must share a single SMTP authentication profile
C. Clients can be authenticated with an LDAP bind or by fetching a passphrase as an attribute
D. It enables users at remote sites to release email messages from spam quarantine
E. When SMTP authentication with forwarding is performed by a second SMTP server, the second server also performs the transfer of queued messages
F. It enable users at remote sites to retrieve their email messages via secure client -
Question 213:
DRAG DROP
Drag each ISE probe on the left to the matching statement on the right.
Select and Place:
-
Question 214:
Which two statements about the Cisco FireAMP solution are true? (Choose two)
A. It can perform dynamic analysis in the FireAMP Private Cloud
B. The FireAMP connector can detect malware in network traffic and when files are downloaded and executed
C. The FireAMP Private Cloud provides an on-premises option for file disposition lookups and retrospective event generation
D. The FireAMP connector is compatible with antivirus software on the endpoint, but you must configure an exclusion to prevent the Connector from scanning the antivirus directory
E. The FireAMP connector can provide information about potentially malicious network connections
F. The FireAMP Private cloud can act as an anonymized proxy to transport endpoint event data to the AMP public cloud for disposition lookups
G. The FireAMP connector detects a malware in network traffic, it generates a malware event and a network event. -
Question 215:
When applying MD5 route authentication on routers running RIP or EIGRP, which two important key chain considerations should be accounted for? (Choose two)
A. Key 0 of all key chains must match for all routers in the autonomous system.
B. The lifetimes of the keys in the chain should overlap.
C. Routers should be configured for NTP to synchronize their clocks.
D. No more than three keys should be configured in any single chain.
E. Link compression techniques should be disabled on links transporting any MD5 hash. -
Question 216:
Which two protocols are used by the management plane in a Cisco lOS device? (Choose two)
A. DHCP
B. TLS
C. Telnet
D. 3DES
E. SNMP
F. IKEv2
G. CHAP
H. RIP
I. PAP -
Question 217:
Which Statement about the TLS security protocol is true?
A. You need to replace SSl certificate with TLS certificate for successful TLS operation
B. The TLS and SSL versions cannot interoperation the client-server handshake
C. It only supports data authentication for the client-server session using a browser 0. There are no differences between TLS and SSL versions 2 and 3.
D. TLS version 1.0 is less secure than SSL version 3.0
E. It is always recommended to disable TLS version 1.0 in the browser so that it only supports SSl for better security -
Question 218:
With Cisco NGFW, what is used to normalize traffic in order to minimize the chance that an attacker can evade detection using inline deployments?
A. Preprocessors
B. Pre-Filters
C. Events Action Filters
D. Lina Processors
E. Security Intelligence -
Question 219:
Which two methods can be used to remove the previous vendor profiles from the mobile device? (Choose two)
A. Disable the ISE profiling feature
B. Vendor profiles cannot be removed
C. Go to MyDevices portal in ISE and click corporate wipe
D. Use the "full wipe" option and reset the device to factory setting
E. Use the "corporate wipe" option offered by the vendor. -
Question 220:
Which command sequence do you enter to add the host 10.2.1.0 to the CISCO object group?
A. object-group network CISCO group-object 10.2.1.0
B. object network CISCO network-object object 10.2.1.0
C. object-group network CISCO network-object host 10.2.1.0
D. object network CISCO group-object 10.2.1.0
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 400-251 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.