This page was exported from Braindump2go Free Exam Dumps with PDF and VCE Collection [ https://www.mcitpdump.com ] Export date:Thu Apr 25 20:56:37 2024 / +0000 GMT ___________________________________________________ Title: [Full-Version!]Braindump2go 400-251 (CCIE Security) VCE & PDF 1106Q&As Free Offer[Question66-Question75] --------------------------------------------------- 2017 CISCO Official News: 350-018 Exam is Replaced by 400-251 Written Exam Now! 2017 New 400-251: CCIE Security Written Exam v5.1 PDF and VCE Dumps Just Released Today by Braindump2go.com! 1.|2017 NEW 400-251 Written Exam Dumps (PDF & VCE) 1106Q&As  Download:http://www.braindump2go.com/400-251.html 2.|2017 NEW 400-251 Written Exam Questions & Answers:http://www.braindump2go.com/400-251.html   QUESTION 66What are the two most common methods that security auditors use to assess an organization's security processes? (Choose two) A.    social engineering attemptsB.    interviewsC.    policy assessmentD.    penetration testingE.    document reviewF.    physical observations Answer: AE QUESTION 67On Which encryption algorithm is CCMP based? A.    IDEAB.    BLOWFISHC.    RCSD.    3DESE.    AES Answer: E QUESTION 68By defaults which amount of time does the ASA add to the TTL value of a DNS entry to determine the amount of time a DNS entry is valid? A.    60 secondsB.    30 secondsC.    0 secondD.    180 secondsE.    120 secondsF.    100 seconds Answer: A QUESTION 69Drag and Drop QuestionDrag and drop the desktop-security terms from the left onto their right definitions on the right. Answer:   QUESTION 70What is the name of the unique tool/feature in cisco security manager that is used to merge an access list based on the source/destination IP address service or combination of these to provide a manageable view of access policies? A.    merge rule toolB.    policy simplification toolC.    rule grouping toolD.    object group toolE.    combine rule tool Answer: E QUESTION 71Refer to the exhibit. Which statement about the effect of this configuration is true?  A.    reply protection is disableB.    It prevent man-in-the-middle attacksC.    The replay window size is set to infinityD.    Out-of-order frames are dropped Answer: D QUESTION 72when a host initiates a TCP session, what is the numerical range into which the initial sequence number must fail? A.    0 to 65535B.    1 to 1024C.    0 to 4,294,967,295D.    1 to 65535E.    1 to 4,294,967,295F.    0 to 1024 Answer: C QUESTION 73What port has IANA assigned to the GDOI protocol? A.    UDP 4500B.    UDP 500C.    UDP 1812D.    UDP 848 Answer: D QUESTION 74Drag and Drop QuestionDrag each Cisco TrustSec feature on the left to its description on the right. Answer:   QUESTION 75Which statement is true about SYN cookies? A.    The state is kept on the server machine TCP stackB.    A system has to check every incoming ACK against state tablesC.    NO state is kept on the server machine state but is embedded in the initial sequence numberD.    SYN cookies do not help to protect against SYN flood attacks Answer: C !!! RECOMMEND!!! 1.|2017 NEW 400-251 Exam Dumps (PDF & VCE) 1106Q&As  Download:http://www.braindump2go.com/400-251.html 2.|2017 NEW 400-251 Study Guide Video: YouTube Video: YouTube.com/watch?v=GSXnXKIh834 --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2017-02-13 08:54:26 Post date GMT: 2017-02-13 08:54:26 Post modified date: 2017-02-13 08:54:26 Post modified date GMT: 2017-02-13 08:54:26 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com