Elsa Kong

Member
Member
Joined
Jan 12, 2018
Messages
85
Reaction score
7
Points
18
2018-4-26 New Cisco 400-251 Real Exam Dumps with PDF and VCE Just Updated Today! Following are some new 400-251 Real Exam Questions:

QUESTION 166
When TCP intercept is enabled in its default mode, how does it react to a SYN request?


A. It intercepts the SYN before it reaches the server and responds with a SYN-ACK
B. It drops the connection
C. It monitors the attempted connection and drops it if it fails to establish within 30 seconds
D. It allows the connection without inspection
E. It monitors the sequence of SYN, SYN-ACK, and ACK messages until the connection is fully established


Answer: A
Explanation:
The default mode of TCP intercept is active intercept mode

http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfdenl.html

QUESTION 167
Refer to the exhibit. What are the two effects of the given configuration? (Choose two)


A. It permits Time Exceeded messages that indicate the fragment assembly time was exceeded
B. It permits Destination Unreachable messages that indicate the host specified in the datagram rejected the message due to filtering
C. It permits Destination Unreachable messages that indicate a problem delivering the datagram to the destination address specified in the datagram
D. It permits Parameter Problem messages that indicate an unrecognized value in the Next Header Filed
E. It permits Parameter Problem messages that indicate an error in the header
F. It permits Destination Unreachable messages that indicate an invalid port on the host specified in the datagram


Answer: CF
Explanation:
icmp type 1 code 3 is for address unreachable, icmp 1 code 4 is for port unreachable.

http://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/22974-icmpv6codes.html

QUESTION 168
According ISO27001 ISMS, which of the following are mandatory documents? (Choose 4)


A. ISMS Policy
B. Corrective Action Procedure
C. IS Procedures
D. Risk Assessment Reports
E. Complete Inventory of all information assets


Answer: ACDE
Explanation:
Corrective action report is a required document but not the procedure

https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/

QUESTION 169
Which two statements about ICMP redirect messages are true? (Choose two)


A. By default, configuring HSRP on the interface disables ICMP redirect functionality.
B. They are generated when a packet enters and exits the same router interface.
C. The messages contain an ICMP Type 3 and ICMP code 7.
D. They are generated by the host to inform the router of an alternate route to the destination.
E. Redirects are only punted to the CPU if the packets are also source-routed.


Answer: AB

QUESTION 170
Which two statements about NAT-PT with IPv6 are true? (Choose two)


A. It can be configured as dynamic, static, or PAT.
B. It provides end-to-end security.
C. It supports IPv6 BVI configurations.
D. It provides support for Cisco Express Forwarding.
E. It provides ALG support for ICMP and DNS.
F. The router can be a single point of failure on the network.


Answer: AE

QUESTION 171
Which of the following Cisco IPS signature engine has relatively high memory usage ?


A. The STRING-TCP engine
B. The STRING-UDP engine
C. The NORMALIZER engine
D. The STRING-ICMP engine


Answer: A
Explanation:
String-TCP engine has the highest number of signatures and has higher memory utilization

http://www.ndm.net/ips/pdf/cisco/IOS-IPS/white_paper_c11_549300.pdf

QUESTION 172
Which of the following two options can you configure to avoid iBGP full mesh?(Choose two)


A. BGP NHT
B. route reflector
C. local preference
D. confederations
E. Virtual peering


Answer: BD

QUESTION 173
Refer to the exhibit, if R1 is acting as a DHCP server, what action can you take to enable the pc to receive an ip address assignment from the DHCP server ?


A. Configure the IP local pool command on R2
B. Configure DHCP option 150 on R2
C. Configure the IP helper-address command on R2 to use R1's ip address
D. Configure the IP helper-address command on R1 to use R2's ip address
E. Configuration DHCP option 82 on R1
F. Configure the ip local pool command on R1


Answer: C

QUESTION 174
Which two statements about LEAP are true? (Choose two)


A. It is compatible with the PAP and MS-CHAP protocols
B. It is an ideal protocol for campus networks
C. A symmetric key is delivered to the authenticated access point so that future connections from the same client can be encrypted with different keys
D. It is an open standard based on IETF and IEEE standards
E. It is compatible with the RADIUS authentication protocol
F. Each encrypted session is authentication by the AD server


Answer: EF

QUESTION 175
Which two of the following ICMP types and code should be allowed in a firewall to enable traceroute? (Choose two)


A. Destination Unreachable-protocol Unreachable
B. Destination Unreachable-port Unreachable
C. Time Exceeded-Time to Live exceeded in Transit
D. Redirect-Redirect Datagram for the Host
E. Time Exceeded-Fragment Reassembly Time Exceeded
F. Redirect-Redirect Datagram for the Type of service and Host


Answer: BC

QUESTION 176
What are the three response types for SCEP enrollment requests? (Choose three.)


A. PKCS#7
B. Reject
C. Pending
D. PKCS#10
E. Success
F. Renewal


Answer: BCE

1.|2018 Latest 400-251 Exam Dumps (PDF & VCE) 359Q Download:

https://www.braindump2go.com/400-251.html

2.|2018 Latest 400-251 Exam Questions & Answers Download:

https://drive.google.com/drive/folders/0B75b5xYLjSSNcGJLWWtfdE96ZUU?usp=sharing
 

xander luis

Member
Member
Joined
Jun 28, 2018
Messages
227
Reaction score
111
Points
33
I have recently pass exam Cisco 400-251. It was too much difficult for me prepare the exam questions with full time job. Before 2 week of exam I was blank and 0% prepare for attempt exam. I have already pay the fee of exam I know my fee have waste because I was sure I cannot pass this exam. In 2 week I search a different shortcuts for pass the exam to help out passing the Cisco in few simple steps. However, I will not find valid 400-251 helping material. A friend of mine recommended using the 400-251 dumps provided by the braindumpspdf. I will not sure about it but when I prepare these Cisco 400-251 braindumpspdf approximately 89% exam questions comes from Cisco 400-251 pdf file. I must recommend you valid 400-251 study material. https://www.braindumpspdf.com/exam/400-251.html
 

bairstrowjhon

Banned
Banned
Joined
Sep 24, 2018
Messages
350
Reaction score
140
Points
33
The Cisco 400-251 exam is no more difficult. I have just check my result card it is unbelievable because I got 96% in Cisco 400-251 exam. I achieve this target only because of Pass4surekey Cisco 400-251 exam dumps pdf Practice Questions and Answers
 
Top