[Free] 2017(Nov) Dumps4cert Testinsides Cisco 400-251 Dumps with VCE and PDF Download 271-280

Dumps4cert 2017 Nov Cisco Official New Released 400-251
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/400-251.html

CCIE Security Written Exam (v5.0)

Question No: 271 – (Topic 2)

Dumps4Cert 2017 PDF and VCE

Refer to the exhibit Which as-path access-list regular expression should be applied on R2 as a neighbor filter list to only allow update with and origin of AS 65503?

A. _65509.?$ B. _65503$ C. ^65503.* D. ^65503$ E. _65503_ F. 65503

Answer: C

Question No: 272 DRAG DROP – (Topic 2)

Drag and drop the DNS record types from the left to the matching descriptions to the right

Dumps4Cert 2017 PDF and VCE

Answer:

Dumps4Cert 2017 PDF and VCE

Explanation:

DNSkEY: contains a public key for use by the resolver NSEC: Link to the zone#39;s next record name

NSEC3 : contains a hashed link to the zone#39;s next record name PRSIG: contains the record set#39;s DNSSEC signature

NSEC3PARAM : used by authoritative DNS servers when responding to DNSSEC requests

DS : holds the delegated zone#39;s name

Question No: 273 – (Topic 2)

On which two protocols is VNC based?(Choose two)

  1. Rdesktop

  2. UDP

  3. RFB

  4. Terminal Services Client

  5. CoRD

  6. TCP

Answer: C,F

Question No: 274 – (Topic 2)

Dumps4Cert 2017 PDF and VCE

Refer to the exhibit What is the configuration design to prevent?

  1. Man in the Middle Attacks

  2. Dynamic payload inspection

  3. Backdoor control channels for infected hosts

  4. DNS Inspection

Answer: D

Question No: 275 – (Topic 2)

What protocol provides security for datagram protocols?

  1. MAB

  2. DTLS

  3. SCEP

  4. GET

  5. LDP

Answer: B

Question No: 276 – (Topic 2)

What command specifies the peer from which MSDP SA message are accepted?

  1. IP msdpsa-filter in lt;peergt;[listlt;aclgt;] [route-map lt;mapgt; ]

  2. Ipmsdp default-peer lt;peergt;

  3. Ipmsdp mesh-group

  4. Ipmsdp originator-id lt;interfacegt;

Answer: B

Question No: 277 – (Topic 2)

What is the effect of the following command on Cisco IOS router? ip dns spoofing 1.1.1.1

  1. The router will respond to the DNS query with its highest loopback address configured

  2. The router will respond to the DNS query with 1.1.1.1 if the query id for its own hostname

  3. The router will respond to the DNS query with the IP address of its incoming interface for any hostname query

  4. The router will respond to the DNS query with the IP address of its incoming interface for its own hostname

Answer: D

Question No: 278 – (Topic 2)

Dumps4Cert 2017 PDF and VCE

With this configuration you notice that the IKE and IPsec SAs come up between the spoke and the hub, but NHRP

registration fails Registration will continue to fail until you do which of these?

  1. Modify the NHRP network IDs to match on the hub and spoke.

  2. configure the ip nhrp caches non-authoritative command on the hub’s tunnel interface.

  3. modify the tunnel keys to match on the hub and spoke.

  4. modify the NHRP hold time to match on the hub and spoke.

Answer: C

Question No: 279 – (Topic 2)

Dumps4Cert 2017 PDF and VCE

Refer to the exhibit. If you apply the given command to a Cisco device running IOS or IOS XE, which two statements about connections to the HTTP server on the device are true?(Choose two)

  1. The device will close each connection after 90 seconds even if a connection is actively processing a request.

  2. Connections will close after 60 seconds without activity or 90 seconds with activity.

  3. Connections will close after 60 seconds or as soon as the first request is processed.

  4. When you apply the command , the device will immediately close any existing connections that have been open for longer than 90 seconds.

  5. Connections will close after 60 seconds without activity or as soon as the first request is processed.

Answer: C,E

Question No: 280 – (Topic 2)

Which statement regarding the routing functions of the Cisco ASA is true running software version 9.2?

  1. In a failover pair of ASAs, the standby firewall establishes a peer relationship with OSPF neighbors

  2. The ASA supports policy-based routing with route maps

  3. Routes to the Null0 interface cannot be configured to black-hole traffic

  4. The translations table cannot override the routing table for new connections

Answer: C

100% Free Download!
Download Free Demo:400-251 Demo PDF
100% Pass Guaranteed!
Download 2017 Dumps4cert 400-251 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Dumps4cert IT Certification PDF and VCE