[2021-New] Cisco 400-251 Dumps With Update Exam Questions (71-80)

400-251 Dumps

400-251 Exam Questions - Online Test

400-251 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. DRAG DROP

Drag each step in the configuration of flexiblenetflow IPv6 traffic Unicast flows on the left into the Correct order of operation on the right?

Answer:

Explanation:

Step 1: Configure the flow exporter

Step 2: configure flow record Step 3: configure flow monitor Step 4: Apply flow monitor Step 5: Configure data export.

Q2. Which two statement about MSDP ate true? (Choose three)

A. It can connect to PIM-SM and PIM-DM domains

B. It announces multicast sources from a group

C. The DR sends source data to the rendezvous point only at the time the source becomes active

D. It can connect only to PIM-DM domains

E. It registers multicast sources with the rendezvous point of a domain

F. It allows domains to discover multicast sources in the same or different domains.

Answer: B,E,F

Q3. What are the two IPSec modes? (Choose two)

A. Aggressive

B. ISAKMP

C. Transport

D. IKE

E. Main

F. Tunnel

Answer: C,F

Q4. DRAG DROP

Drag each IP transmission and fragmentation term on the left to the matching statement on the right?

Answer:

Explanation: DF bit: A value in the IP header that indicates whether packet fragmentation is permitted.

Fragment offset: A value in the IP packet that indicates the location of a fragment in the datagram.

MF bit: Indicates that this is last packet with the biggest offset.

MSS: The amount of data that the receiving host can accept in each TCP segment. MTU: A value representing the maximum acceptable length of a packet to be transmitted over a link. PMTUD: A technology used to prevent fragmentation as data travels between two end points.

Tunnel: A logical interface allows packet to be encapsulated inside a passenger protocol for transmission across a

different carrier protocol.

Q5. Your 1Pv6 network uses a CA and trust anchor to implement secure network discover. What extension must your CA certificates support?

A. extKeyUsage

B. nameConstrainsts

C. id-pe-ipAddrBlocks

D. Id-pe-autonomousSysldsE. Ia-ad-calssuers

E. keyUsage

Answer: B

Q6. Which description of a virtual private cloud is true?

A. An on-demand configurable pool of shared software applications allocated within a public cloud environment, which provides tenant isolation

B. An on-demand configurable pool of shared data resources allocated within a private cloud environment,

which provides assigned DMZ zones

C. An on-demand configurable pool of shared networking resources allocated within a private cloud environment, which provides tenant isolation

D. An on-demand configurable pool of shared computing resources allocated within a public cloud environment, which provides tenant isolation

Answer: D

Q7. Which configuration is the correct way to change VPN key Encryption key lifetime to 10800 seconds on the key server?

A. Option A

B. Option B

C. Option C

D. Option D

Answer: A

Q8. Which three options are methods of load-balancing data in an ASA cluster environment?(Choose three)

A. HSRP

B. spanned EtherChannel

C. distance-vector routing

D. PBR

E. floating static routes

F. ECMP

Answer: B,D,F

Q9. What are three QoS features supported on the ASA running version 8.x? (Choose Three)

A. Traffic shaping and standard priority queuing on the same interface.

B. IPSec-over-TCP priority queuing.

C. Traffic shaping within the class-default class map only.

D. Priority queuing.

E. Traffic shaping within any class map.

F. Traffic policing.

Answer: C,D,F

Q10. Which two statements about SGT Exchange Protocol are true? (Choose two)

A. It propagates the IP-to-SGT binding table across network devices that do not have the ability to perform

SGT tagging at Layer 2 to devices that support it

B. SXP runs on UDP port 64999

C. A connection is established between a “listener” and a “speaker”

D. SXP is only supported across two hops

E. SXPv2 introduces connection security via TLS

Answer: A,C