This page was exported from Lead2pass Dumps For Exam With New Updated Exam Questions [ ] Export date:Thu Jan 21 1:10:37 2021 / +0000 GMT ___________________________________________________ Title: [February 2018] Lead2pass New Released Cisco 400-251 Exam Questions From Cisco Exam Center 727q --------------------------------------------------- Lead2pass Offering New 400-251 Exam PDF And 400-251 Exam VCE Dumps For Free Downloading: QUESTION 11Drag and Drop QuestionDrag each OSPF security feature on the left to its description on the right. Answer: QUESTION 12Which VPN technology is based on GDOI (RFC 3547)? A.    MPLS Layer 3 VPNB.    MPLS Layer 2 VPNC.    GET VPND.    IPsec VPN Answer: C QUESTION 13Which statement about the 3DES algorithm is true? A.    The 3DES algorithm uses the same key for encryption and decryption,B.    The 3DES algorithm uses a public-private key pair with a public key for encryption and a private key for decryption.C.    The 3DES algorithm is a block cipher.D.    The 3DES algorithm uses a key length of 112 bits.E.    The 3DES algorithm is faster than DES due to the shorter key length. Answer: C QUESTION 14Which significant change to PCI DSS standards was made in PCI DSS version 3.1? A.    No version of TLS is now considered to provide strong cryptography.B.    Storage of sensitive authentication data after authorization is now permitted when proper encryption is applied.C.    Passwords are now required to be changed at least once every 30 days.D.    SSL is now considered a weak cryptographic technology.E.    If systems that are vulnerable to POODLE are deployed in an organization, a patching and audit review process must be implemented. Answer: D QUESTION 15Refer to the Exhibit, what is a possible reason for the given error? A.    One or more require application failed to respond.B.    The IPS engine is busy building cache files.C.    The IPS engine I waiting for a CLI session to terminate.D.    The virtual sensor is still initializing. Answer: D QUESTION 16Which three statements about the keying methods used by MAC Sec are true (Choose Three) A.    MKA is implemented as an EAPoL packet exchangeB.    SAP is enabled by default for Cisco TrustSec in manual configuration mode.C.    SAP is supported on SPAN destination portsD.    Key management for host-to-switch and switch-to-switch MACSec sessions is provided by MKAE.    SAP is not supported on switch SVIs .F.    A valid mode for SAP is NULL Answer: AEFExplanation: is disabled by default in Cisco TrustSec manual mode QUESTION 17Which two statements about Cisco ASA authentication using LDAP are true? (Choose two) A.    It uses attribute maps to map the AD memberOf attribute to the cisco ASA Group-Poilcy attributeB.    It uses AD attribute maps to assign users to group policies configured under the WebVPN contextC.    The Cisco ASA can use more than one AD memberOf attribute to match a user to multiple group policiesD.    It can assign a group policy to a user based on access credentialsE.    It can combine AD attributes and LDP attributes to configure group policies on the Cisco ASAF.    It is a closed standard that manages directory-information services over distributed networks Answer: BD QUESTION 18Drag and Drop QuestionDrag each IPS signature engine on the left to its description on the right. Answer: Explanation: 400-251 dumps full version (PDF&VCE): Large amount of free 400-251 exam questions on Google Drive: --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2018-02-28 03:08:00 Post date GMT: 2018-02-28 03:08:00 Post modified date: 2018-02-28 03:08:00 Post modified date GMT: 2018-02-28 03:08:00 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from