This page was exported from Braindump2go Free Exam Dumps with PDF and VCE Collection [ https://www.mcitpdump.com ] Export date:Sat Apr 27 4:33:26 2024 / +0000 GMT ___________________________________________________ Title: [Full-Version!]Free 400-251 (CCIE Security) VCE Dumps and 400-251 (CCIE Security) PDF Dumps Offered by Braindump2go[Question26-Question35] --------------------------------------------------- 2017 CISCO Official News: 350-018 Exam is Replaced by 400-251 Written Exam Now! 2017 New 400-251: CCIE Security Written Exam v5.1 PDF and VCE Dumps Just Released Today by Braindump2go.com! 1.|2017 NEW 400-251 Written Exam Dumps (PDF & VCE) 1106Q&As  Download:http://www.braindump2go.com/400-251.html 2.|2017 NEW 400-251 Written Exam Questions & Answers:http://www.braindump2go.com/400-251.html   QUESTION 26You have been asked to configure a Cisco ASA appliance in multiple mode with these settings:(A) You need two customer contexts, named contextA and contextB(B) Allocate interfaces G0/0 and G0/1 to contextA(C) Allocate interfaces G0/0 and G0/2 to contextB (D) The physical interface name for G0/1 within contextA should be "inside".(E) All other context interfaces must be viewable via their physical interface names.If the admin context is already defined and all interfaces are enabled, which command set will complete this configuration? A.    context contextAconfig-url disk0:/contextA.cfgallocate-interface GigabitEthernet0/0 visible allocate-interface GigabitEthernet0/1 inside context contextBconfig-url disk0:/contextB.cfgallocate-interface GigabitEthernet0/0 visible allocate-interface GigabitEthernet0/2 visibleB.    context contextaconfig-url disk0:/contextA.cfgallocate-interface GigabitEthernet0/0 visible allocate-interface GigabitEthernet0/1 inside context contextbconfig-url disk0:/contextB.cfgallocate-interface GigabitEthernet0/0 visible allocate-interface GigabitEthernet0/2 visibleC.    context contextAconfig-url disk0:/contextA.cfgallocate-interface GigabitEthernet0/0 invisible allocate-interface GigabitEthernet0/1 inside context contextBconfig-url disk0:/contextB.cfgallocate-interface GigabitEthernet0/0 invisible allocate-interface GigabitEthernet0/2 invisibleD.    context contextAconfig-url disk0:/contextA.cfgallocate-interface GigabitEthernet0/0 allocate-interface GigabitEthernet0/1 insidecontext contextBconfig-url disk0:/contextB.cfgallocate-interface GigabitEthernet0/0 allocate-interface GigabitEthernet0/2E.    context contextAconfig-url disk0:/contextA.cfgallocate-interface GigabitEthernet0/0 visible allocate-interface GigabitEthernet0/1 inside context contextBconfig-url disk0:/contextB.cfgallocate-interface GigabitEthernet0/1 visible allocate-interface GigabitEthernet0/2 visible Answer: A QUESTION 27Which statement about the cisco anyconnect web security module is true ? A.    It is VPN client software that works over the SSl protocol.B.    It is an endpoint component that is used with smart tunnel in a clientless SSL VPN.C.    It operates as an NAC agent when it is configured with the Anyconnect VPN client.D.    It is deployed on endpoints to route HTTP traffic to SCANsafe Answer: D QUESTION 28Which two statements about the SeND protocol are true? (Choose two) A.    It uses IPsec as a baseline mechanismB.    It supports an autoconfiguration mechanismC.    It must be enabled before you can configure IPv6 addressesD.    It supports numerous custom neighbor discovery messagesE.    It counters neighbor discovery threatsF.    It logs IPv6-related threats to an external log server Answer: BE QUESTION 29Drag and Drop QuestionDrag each attack type on the left to the matching attack category on the right. Answer:  QUESTION 30Refer to the exhibit. You executed the show crypto key mypubkey rsa command to verify that the RSA key is protected and it generated the given output. What command must you have entered to protect the key?  A.    crypto key decrypt rsa name pki.cisco.com passphrase CiscoPKIB.    crypto key zeroize rsa CiscoPKIC.    crypto key export ras pki.cisco.com pem url flash: 3des CiscoPKID.    crypto key lock rsa name pki.cisco.com passphrase CiscoPKIE.    crypto key import rsa pki.cisco.com pem url nvram: CiscoPKI Answer: D QUESTION 31Refer to the exhibit. What is the effect of the given command sequence?  A.    The HTTP server and client will negotiate the cipher suite encryption parameters.B.    The server will accept secure HTTP connections from clients with signed security certificates.C.    The client profile will match the authorization profile defined in the AAA server.D.    The clients are added to the cipher suite's profile.E.    The server will accept secure HTTP connections form clients defined in the AAA server. Answer: B QUESTION 32In ISO 27002, access control code of practice for information Security Management servers which of the following objective? A.    Implement protocol control of user, network and application accessB.    Optimize the audit processC.    Prevent the physical damage of the resourcesD.    Educating employees on security requirements and issues Answer: A QUESTION 33Which two options are differences between a automation and orchestration? (Choose two) A.    Automation is an IT workflow composed of tasks, and orchestration is a technical task.B.    Orchestration is focused on multiple technologies to be integrated together.C.    Orchestration is focused on an end-to-end process or workflowD.    Automation is to be used to replace human intervention.E.    Automation is focused on automating a single or multiple tasks. Answer: BC QUESTION 34What is the first step in performing a risk assessment? A.    Identifying critical services and network vulnerabilities and determining the potential impact of their compromise or failure.B.    Investigating reports of data theft or security breaches and assigning responsibility.C.    Terminating any employee believed to be responsible for compromising security.D.    Evaluating the effectiveness and appropriateness of the organization's current risk-management activities.E.    Establishing a security team to perform forensic examinations of previous known attacks. Answer: A QUESTION 35Which description of a virtual private cloud is true? A.    An on-demand configurable pool of shared software applications allocated within a public cloud environment, which provides tenant isolationB.    An on-demand configurable pool of shared data resources allocated within a private cloud environment, which provides assigned DMZ zonesC.    An on-demand configurable pool of shared networking resources allocated within a private cloud environment, which provides tenant isolationD.    An on-demand configurable pool of shared computing resources allocated within a public cloud environment, which provides tenant isolation Answer: D !!! RECOMMEND!!! 1.|2017 NEW 400-251 Exam Dumps (PDF & VCE) 1106Q&As  Download:http://www.braindump2go.com/400-251.html 2.|2017 NEW 400-251 Study Guide Video: YouTube Video: YouTube.com/watch?v=GSXnXKIh834 --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2017-02-13 02:36:54 Post date GMT: 2017-02-13 02:36:54 Post modified date: 2017-02-13 02:36:54 Post modified date GMT: 2017-02-13 02:36:54 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com