400-251 Exam Details
-
Exam Code
:400-251 -
Exam Name
:CCIE Security Written -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:665 Q&As -
Last Updated
:Dec 10, 2021
Cisco 400-251 Online Questions & Answers
-
Question 421:
When you use the Firepower Management Center to deploy an access control policy to a managed device, which process is restarted?
A. kupdate
B. snort
C. crond
D. reportd
E. mysqld -
Question 422:
Which two statements about Cisco URL Filtering on Cisco IOS Software are true? (Choose two)
A. It supports Websense and N2H2 filtering at the same time,
B. It supports local URL lists and third-party URL filtering servers.
C. By default, it uses ports 80 and 22.
D. It supports HTTP and HTTPS traffic.
E. BY default, it allows all URLs when the connection to the filtering server is down.
F. It requires minimal CPU time. -
Question 423:
A perimeter firewall can be rendered completely useless when limited or no DDOS protection is provided. However, the effects can be mitigated if a firewall is tuned to manage the load more efficiently. Which policy do you configure on a Firepower System to mitigate these effects?
A. SSL
B. intrusion
C. quality of service
D. Prefilter
E. file -
Question 424:
Which statement about the Traffic Substitution and Insertion attack is true?
A. It substitutes by performing action slower than normal not exceeding threshold
B. It is used for reconnaissance.
C. It substitutes payload data in a different format but has the same meaning.
D. It is form of a DoS attack.
E. It substitutes payload data In the same format but has different meaning.
F. It substitutes by performing action faster than normal not exceeding threshold
G. It is a form pivoting In the network -
Question 425:
The purpose of an authentication proxy is to force the user to authenticate to a network device before users are allowed access through the device. This is primarily used for HTTP based services, but also can be used for other services. In the case of an ASA, what does ISE have to send to enforce this access policy?
A. LDAP attribute with ACL
B. Group Policy enabled for proxy-auth
C. Downloadable ACL
D. Not possible on the ASA
E. VLAN
F. Redirect URL to ISE -
Question 426:
Refer to the exhibit.
A customer reports to Cisco TAC that one of the Windows clients that is supposed to log in to the network using MAB can no longer access any allowed resources. Which possible cause of the MAB failure is true?
A. MAB is disabled on port Gi1/0/9.
B. AAA authorization is incorrectly configured on the switch.
C. CTS is configured incorrectly on the switch. -
Question 427:
Which statement about Cisco Firepower Advanced Malware Protection inspection is true?
A. With dynamic analysis, the system preclassifies suspicious files as potential malware and submits them to the AMP Threat Grid for analysis
B. If the system determines a file inside an archive to be malware, it can block the specific file without blocking the archive
C. The SHA-256 value of a file is calculated only if you configure a file policy with the Malware Cloud Lookup action
D. If the system preclassifies a file potential malware, it automatically quarantines the file and alerts the administrator to take further action
E. When local malware analysis is complete, it produces a threat score that you can click to review details of the analysis
F. The AMP for Firepower network-based solution supports malware detection in a broader range of files types than AMP for endpoints
G. The system can analyze up to two layers of nested files in ZIP and RAR archives and automatically block files with more layers -
Question 428:
Which statement of DKIM signing in ESA is true?
A. The signing private key is required by the sending server
B. The outgoing profile in ESA is configured with signing private key
C. The domain profile is used to assoç©‹iate the sendline domain with the signing key
D. The receiving server gets the signing public key from ISE
E. The ESA does not allow the creation of a signing key pair
F. The signilng public key is required by the receiving server -
Question 429:
DRAG DROP
Drag each IP transmission and fragmentation term on the left to the matching statement on the right?
Select and Place:
-
Question 430:
Which two options are normal functionalities for ICMP? (Choose two) A. host detection
B. packet filtering
C. relaying traffic statistics to applications
D. path MTU discovery
E. port scanning
F. router discovery
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 400-251 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.