Cisco 400-251 CCIE Security Written Exam

2020 Cisco Official New Released 400-251 Q&As
100% Free Download! 100% Pass Guaranteed!

[New Version Nov 2021] Certleader Cisco 400-251 Exam Dumps[Q61-Q72]

Q1. In Cisco Wireless LAN Controller (WLC. which web policy enables failed Layer 2 authentication to fall back to WebAuth authentication with a user name and password?A. On MAC Filter FailureB. Pass throughC. Splash Page Web RedirectD. Conditional Web RedirectE. AuthenticationView AnswerAnswer: AQ2. Which statement regarding the routing functions of the Cisco ASA is true running software versio

[New Version Oct 2021] Certleader Cisco 400-251 Exam Dumps[Q37-Q48]

Q1. Which two answers describe provisions of the SOX Act and its international counterpart Acts? (Choose two.)A. confidentiality and integrity of customer records and credit card informationB. accountability in the event of corporate fraudC. financial information handled by entities such as banks, and mortgage and insurance brokersD. assurance of the accuracy of financial recordsE. US Federal gov

[New Version Oct 2021] Certleader Cisco 400-251 Exam Dumps[Q25-Q36]

Q1. Which two statement about MSDP ate true? (Choose three)A. It can connect to PIM-SM and PIM-DM domainsB. It announces multicast sources from a groupC. The DR sends source data to the rendezvous point only at the time the source becomes activeD. It can connect only to PIM-DM domainsE. It registers multicast sources with the rendezvous point of a domainF. It allows domains to discover multicast

[New Version Aug 2021] Certleader Cisco 400-251 Exam Dumps[Q13-Q24]

Q1. Which two statements about the SHA-1 algorithm are true? (Choose two)A. The SHA-1 algorithm is considered secure because it always produces a unique hash for the same message.B. The SHA-1 algorithm takes input message of any length and produces 160-bit hash output.C. The SHA-1 algorithm is considered secure because it is possible to find a message from its hash.D. The purpose of the SHA-1 alg

[New Version Aug 2021] Certleader Cisco 400-251 Exam Dumps[Q1-Q12]

Q1. Which protocol does VNC use for remote access to a GUI?A. RTPSB. RARPC. E6D. SSHE. RFBView AnswerAnswer: DQ2. According to OWASP guidelines, what is the recommended method to prevent cross-site request forgery?A. Allow only POST requests.B. Mark all cookies as HTTP only.C. Use per-session challenge tokens in links within your web application.D. Always use the "secure" attribute for cookies.

[New Version Aug 2021] Certleader Cisco 400-251 Exam Dumps[Q97-Q108]

Q1. Refer to the exhibit. Which effect of this configuration is true?A. It enables MLD query messages for all link-local groups.B. It configures the node to generate a link-local group report when it joins the solicited- node multicast group.C. It enables hosts to send MLD report messages for groups it enables local group membership for MLDv1 and MLDv2.E. It enables the host to se

[New Version Jul 2021] Certleader Cisco 400-251 Exam Dumps[Q85-Q96]

Q1. Which two statements about IPsec in a NAT-enabled environment are true? (Choose two)A. The hashes of each peer’s IP address and port number are compared to determine whether NAT-T is requiredB. NAT-T is not supported when IPsec Phase 1 is set to Aggressive ModeC. The first two messages of IPsec Phase 2 are used to determine whether the remote host supportsNAT-TD. NAT-T is not supported when

[New Version Jul 2021] Certleader Cisco 400-251 Exam Dumps[Q73-Q84]

Q1. Which three statements about Unicast RPF in strict mode and loose mode are true? (choose three)A. Inadvertent packet loss can occur when loose mode is used with asymmetrical routing.B. Strict mode requires a default route to be associated with the uplink network interface.C. Both loose and strict modes are configured globally on the router.D. Loose mode requires the source address to be prese

[New Version Jul 2021] Certleader Cisco 400-251 Exam Dumps[Q121-Q131]

Q1. Which two options are unicast address types for IPv6 addressing? (Choose two)A. EstablishedB. StaticC. GlobalD. DynamicE. Link-localView AnswerAnswer: C,EQ2. Which two router configurations block packets with the Type 0 Routing header on the interface? (choose two)A. Ipv6 access-list Deny_Loose_Routing permit ipv6 any any routing-type 0 deny ipv6 any anyinterface FastEthernet0/0ipv6 traffic

[New Version Jun 2021] Certleader Cisco 400-251 Exam Dumps[Q109-Q120]

Q1. What is the maximum pattern length supported by FPM searches within a packet ?A. 256 bytes B. 1500 bytesC. 512 bytesD. 128 bytesView AnswerAnswer: AQ2. Which two OSPF network types support the concept of a designated router? (Choose two.)A. broadcastB. NBMAC. point-to-multipointD. point-to-multipoint nonbroadcastE. loopbackView AnswerAnswer: A,BQ3. DRAG DROPDrag and drop the description

[New Version Jun 2021] Certleader Cisco 400-251 Exam Dumps[Q49-Q60]

Q1. DRAG DROPDrag and drop each syslog facility code on the left onto its description on the right.View AnswerAnswer: Explanation:A:1,B2,C:3,D:4,E:5,F:6Q2. Which three statement about VRF-Aware Cisco Firewall are true? (Choose three)A. It can run as more than one instance.B. It supports both global and per-VRF commands and DoS parameters.C. It can support VPN networks with overlapping address ra