aiotestking uk

400-251 Exam Questions - Online Test


400-251 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. In Cisco Wireless LAN Controller (WLC. which web policy enables failed Layer 2 authentication to fall back to WebAuth authentication with a user name and password?

A. On MAC Filter Failure

B. Pass through

C. Splash Page Web Redirect

D. Conditional Web Redirect

E. Authentication

Answer: A

Q2. All of these Cisco security products provide event correlation capabilities excepts which one?

A. Cisco Security MARS

B. Cisco Guard/Detector

C. Cisco ASA adaptive security appliance

D. Cisco IPS

E. Cisco Security Agent.

Answer: C

Q3. Which two of the following ICMP types and code should be allowed in a firewall to enable traceroute? (Choose two)

A. Destination Unreachable-protocol Unreachable

B. Destination Unreachable-port Unreachable

C. Time Exceeded-Time to Live exceeded in Transit

D. Redirect-Redirect Datagram for the Host

E. Time Exceeded-Fragment Reassembly Time Exceeded

F. Redirect-Redirect Datagram for the Type of service and Host

Answer: B,C

Q4. Refer to the exhibit, what Is the effect of the given command sequence?

A. The router telnet to the on port 2002

B. The AP console port is shut down.

C. A session is opened between the router console and the AP.

D. The router telnet to the router on port 2002.

Answer: C

Q5. According ISO27001 ISMS, which of the following are mandatory documents? (Choose 4)

A. ISMS Policy

B. Corrective Action Procedure

C. IS Procedures

D. Risk Assessment Reports

E. Complete Inventory of all information assets

Answer: A,B,C,D

Q6. When configuration Cisco IOS firewall CBAC operation on Cisco routers, the “inspection rule” can be applied at which two location?(Choose two)

A. at the trusted and untrusted interfaces in the inbound direction.

B. at the trusted interface in the inbound direction.

C. at the trusted and untrusted interfaces in the outbound direction.

D. at the untrusted interface in the inbound direction.

E. at the trusted interface in the outbound direction.

F. at the trusted interface in the outbound direction.

Answer: B,F

Q7. Which two statement about DTLS are true ? (choose two)

A. Unlike TLS,DTLS support VPN connection with ASA.

B. It is more secure that TLS.

C. When DPD is enabled DTLS connection can automatically fall back to TLS.

D. It overcomes the latency and bandwidth problem that can with SSL.

E. IT come reduce packet delays and improve application performance.

F. It support SSL VPNs without requiring an SSL tunnel.

Answer: C,D

Q8. Refer to the exhibit 

What is the configuration design to prevent?

A. Man in the Middle Attacks

B. Dynamic payload inspection

C. Backdoor control channels for infected hosts

D. DNS Inspection

Answer: D

Q9. What ASA feature can do use to restrict a user to a specific VPN group?

A. A webtypeACL

B. MPF

C. A VPN filter

D. Group-lock

Answer: D

Q10. What are two features of cisco IOS that can help mitigate Blaster worm attack on RPC ports? (Choose two)

A. FPM

B. DCAR

C. NBAR

D. IP source Guard

E. URPF

F. Dynamic ARP inspection

Answer: D,E