New 400-251 exam questions from PassLeader 400-251 dumps! Welcome to download the newest PassLeader 400-251 VCE and PDF dumps: https://www.passleader.com/400-251.html (791 Q&As — 2019 NEW VERSION!!!)
P.S. Free 400-251 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpd3JLalNVS0VWbms
NEW QUESTION 1
If multiple contexts share an ingress interface, which would be the criteria used by ASA for packet classification?
A. Destination IP address
B. ASA ingress interface IP address
C. ASA ingress interface unique MAC address
D. ASA NAT configuration
E. Policy based routing on ASA
F. ASA egress interface IP address
G. Destination MAC address
Answer: C
NEW QUESTION 2
What would describe Cisco Virtual Topology System?
A. Package that contains an entire runtime environment
B. An agent that resides on physical deviceS
C. Web server hosting for NX-OS
D. Overlay provisioning and management solution
Answer: D
NEW QUESTION 3
Which of the following Cisco products gives ability to interact with malware for its behavior analysis?
A. NGIPS
B. FMC
C. ASA
D. DNA
E. Threat Grid
F. pxGrid
Answer: E
NEW QUESTION 4
Which of the following is part of DevOps virtuous Cycle?
A. Lower Quality
B. Increased Latency
C. Slower Releases
D. Improved Scalability
Answer: D
NEW QUESTION 5
Which statement correctly describes AES encryption algorithm?
A. It works on substitution and permutation principle.
B. It uses three encryption keys of length 168, 112 and 56 bits.
C. Reapplying same encryption key three times makes it less vulnerable then 3DES.
D. It only provides data integrity.
E. Theoretically 3DES is more secure then AES.
Answer: A
NEW QUESTION 6
In FMC the correlation rule could be based on which two elements? (Choose two.)
A. Authorization rule
B. Intrusion event
C. CoA (Change of authorization)
D. Traffic profile Variation
E. NDAC (Network Device Admission Control)
F. SGT (Security Group TAG) mapping
G. Database type
H. Authentication condition
Answer: BD
NEW QUESTION 7
Which statement is true regarding the wireless security technologies?
A. WPA provides message integrity using AES.
B. WPA2-PSK mode allows passphrase to store locally on the device.
C. WEP is more secure than WPA2 because it uses AES for encryption.
D. WPA2-ENT mode does not require RADIUS for authentication.
E. WPA2-PSK mode provides better security by having same passphrase across the network.
F. WPA2 is more secure than WPA because it uses TKIP for encryption.
Answer: B
NEW QUESTION 8
What does NX-API use as its transport?
A. SCP
B. FTP
C. SSH
D. SFTP
E. HTTP/HTTPS
Answer: E
NEW QUESTION 9
What are the three configurations in which SSL VPN can be implemented? (Choose three.)
A. WebVPN
B. PVC Tunnel Mode
C. Interactive mode
D. L2TP over IPSec
E. Thin-Client
F. AnyConnect Tunnel Mode
G. Clientless
H. CHAP
Answer: EFG
NEW QUESTION 10
Nexus 9000 Platform supports which of the following configuration management tools?
A. Ansible
B. Chef
C. Jenkins
D. Puppet
E. Salt
Answer: D
NEW QUESTION 11
Which three types of addresses can the Botnet Filter feature of the Cisco ASA monitor? (Choose three.)
A. Known allowed addresses
B. Dynamic addresses
C. Internal addresses
D. Ambiguous addresses
E. Known malware addresses
F. Listed addresses
Answer: ADE
NEW QUESTION 12
In your network, you require all guests to authenticate to the network before getting access, however, you don’t want to be stuck creating or approving accounts. It is preferred that this is all taken care by the user, as long as their device is registered. Which two mechanisms can be used to provide this functionality? (Choose two.)
A. Social media login, with device registration.
B. Guest’s own organization authentication service, with device registration.
C. PAP based authentication, with device registration.
D. Active Directory, with device registration.
E. 802.1x based user registration, with device registration.
F. Self-registration of user, with device registration.
Answer: AF
NEW QUESTION 13
What are the advantages of using LDAP over AD?
A. LDAP allows for granular policy control, whereas AD does not.
B. LDAP provides for faster authentication.
C. LDAP can be configured to use primary and secondary server, whereas AD cannot.
D. LDAP does not require ISE to join the AD domain.
E. The closest LDAP servers are used for Authentication.
Answer: C
NEW QUESTION 14
Which of the following is the correct statement regarding enabling SMTP encryption on ESA?
A. Enabling TLS is an optional step.
B. TLS can be enabled only for receiving.
C. Enabling TLS for delivery goes under the “Destination Controls” menu of mail policies.
D. It only allows to use the self signed certificates.
E. TLS can be enabled only for delivery.
F. It allows to import certificate from CA.
Answer: C
NEW QUESTION 15
Which three messages are part of the SSL protocol? (Choose three.)
A. Change CipherSpec
B. Alert
C. Record
D. Message Authenication
E. CipherSpec
F. Handshake
Answer: ABF
NEW QUESTION 16
……
New 400-251 exam questions from PassLeader 400-251 dumps! Welcome to download the newest PassLeader 400-251 VCE and PDF dumps: https://www.passleader.com/400-251.html (791 Q&As — 2019 NEW VERSION!!!)
P.S. Free 400-251 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpd3JLalNVS0VWbms
