400-251 Exam Questions - Online Test
400-251 Premium VCE File
150 Lectures, 20 Hours
Q1. What protocol is responsible for issuing certificates?
A. SCEP
B. DTLS
C. ESP
D. AH
E. GET
Answer: A
Q2. Which two statements about LEAP are true? (Choose two)
A. It is compatible with the PAP and MS-CHAP protocols
B. It is an ideal protocol for campus networks
C. A symmetric key is delivered to the authenticated access point so that future connections from the same client can be encrypted with different keys
D. It is an open standard based on IETF and IEEE standards
E. It is compatible with the RADIUS authentication protocol
F. Each encrypted session is authentication by the AD server
Answer: E,F
Q3. Which two statement about the multicast addresses query message are true?(choose two)
A. They are solicited when a node initialized the multicast process.
B. They are used to discover the multicast group to which listeners on a link are subscribed
C. They are used to discover whether a specified multicast address has listeners
D. They are send unsolicited when a node initializes the multicast process
E. They are usually sent only by a single router on a link
F. They are sent when a node discover a multicast group
Answer: B,C
Q4. According to OWASP guidelines, what is the recommended method to prevent cross-site request forgery?
A. Allow only POST requests.
B. Mark all cookies as HTTP only.
C. Use per-session challenge tokens in links within your web application.
D. Always use the "secure" attribute for cookies.
E. Require strong passwords.
Answer: C
Q5. Which three statements about SCEP are true?(Choose three)
A. It Supports online certification revocation.
B. Cryptographically signed and encrypted message are conveyed using PKCS#7.
C. The certificate request format uses PKCS#10.
D. It supports multiple cryptographic algorithms, including RSA.
E. CRL retrieval is support through CDP (Certificate Distribution Point) queries.
F. It supports Synchronous granting.
Answer: B,C,E
Q6. Your 1Pv6 network uses a CA and trust anchor to implement secure network discover. What extension must your CA certificates support?
A. extKeyUsage
B. nameConstrainsts
C. id-pe-ipAddrBlocks
D. Id-pe-autonomousSysldsE. Ia-ad-calssuers
E. keyUsage
Answer: B
Q7. Which two router configurations block packets with the Type 0 Routing header on the interface? (choose two)
A. Ipv6 access-list Deny_Loose_Routing permit ipv6 any any routing-type 0 deny ipv6 any any
interface FastEthernet0/0
ipv6 traffic-filter Deny_Loose_Source_Routing in
B. Ipv6 access-list-Deny_Loose_Source_Routing Deny ipv6 FE80::/10 any mobility –type bind-refresh Permit ipv6 any any
Interface FastEthernet/0 Ipv6 tr
Affic-filter Deny_Loose_Source_Routing in
C. Ipv6 access-list Deny_Loose_Source_Routing Deny ipv6 any any routing-type 0
Permit ipv6 any any Interface FastEthernet0/0
Ipv6 traffic –filter Deny_Loose_Routing in
D. Ipv6 access –list Deny_Loose_Source_Routing Deny ipv6 any FE80: :/10 routing –type 0
Deny ipv6 any any routing –type 0 Permit ipv6 any any
Interface FastEthernet t0/0
Ipv6 traffic –filter Deny_Loose_Source_Routing in
E. Ipv6 access –list Deny_Loose_Source_Routing Sequence 1 deny ipv6 any any routing –type 0 log-input
Sequence 2 permit ipv6 any any flow –label 0 routing interface Fastethernet0/0 Ipv6 traffic-filter Deny_Loose_Source_Routing in
Answer: C,D
Q8. Which two statement about MSDP ate true? (Choose three)
A. It can connect to PIM-SM and PIM-DM domains
B. It announces multicast sources from a group
C. The DR sends source data to the rendezvous point only at the time the source becomes active
D. It can connect only to PIM-DM domains
E. It registers multicast sources with the rendezvous point of a domain
F. It allows domains to discover multicast sources in the same or different domains.
Answer: B,E,F
Q9. You want to enable users in your company’s branch offices to deploy their own access points using WAN link from the central office, but you are unable to a deploy a controller in the branch offices. What lightweight access point wireless mode should you choose?
A. TLS mode
B. H-REAP mode
C. Monitor mode
D. REAP mode
E. Local mode
Answer: B
Q10. Which two statements describe the Cisco TrustSec system correctly? (Choose two.)
A. The Cisco TrustSec system is a partner program, where Cisco certifies third-party security products as extensions to the secure infrastructure.
B. The Cisco TrustSec system is an approach to certifying multimedia and collaboration applications as secure.
C. The Cisco TrustSec system is an Advanced Network Access Control System that leverages enforcement intelligence in the network infrastructure.
D. The Cisco TrustSec system tests and certifies all products and product versions that make up the system as working together in a validated manner.
Answer: C,D
- [2021-New] Cisco 300-320 Dumps With Update Exam Questions (1-10)
- [2021-New] Cisco 400-101 Dumps With Update Exam Questions (401-410)
- [2021-New] Cisco 300-075 Dumps With Update Exam Questions (5-14)
- [2021-New] Cisco 300-115 Dumps With Update Exam Questions (81-88)
- [2021-New] Cisco 210-060 Dumps With Update Exam Questions (31-40)
- Pinpoint Cisco 200-201 Sample Question Online
- The Leading Guide To 500-901 Free Download
- [2021-New] Cisco 640-916 Dumps With Update Exam Questions (11-20)
- Cisco 210-065 Exam Questions 2021
- Accurate 500-325 Forum 2021