[Free] 2019(Nov) EnsurePass Cisco 400-251 Dumps with VCE and PDF 11-20

Get Full Version of the Exam

Question No.11

Which two statements about Cisco URL Filtering on Cisco IOS Software are true? (Choose two)

  1. It supports Websense and N2H2 filtering at the same time,

  2. It supports local URL lists and third-party URL filtering servers.

  3. By default, it uses ports 80 and 22.

  4. It supports HTTP and HTTPS traffic.

  5. BY default, it allows all URLs when the connection to the filtering server is down.

  6. It requires minimal CPU time.

Correct Answer: BF

Question No.12

Which statement about VRF-aware GDOI group members is true?

  1. The GM cannot route control traffic through the same VRF as data traffic.

  2. Multiple VRFs are used to separate control traffic and data traffic.

  3. Registration traffic and rekey traffic must operate on different VRFs.

  4. IPsec is used only to secure data traffic.

Correct Answer: B

Question No.13

Which statement about managing Cisco ISE Guest Services is true?

  1. Only a Super Admin or System Admin can delete the default Sponsor portal.

  2. Only ISE administrators from an external identify store can be members of a Sponsor group.

  3. By default, an ISE administrator can manage only the guest accounts he or she created in the Sponsor portal.

  4. ISE administrators can view and set a guest#39;s password to a custom value in the Sponsor portal.

  5. ISE administrators can access the Sponsor portal only if they have valid Sponsor accounts.

  6. ISE administrators can access the Sponsor portal only from the Guest Access menu.

    Correct Answer: C

    Question No.14

    What is an example of a stream cipher?

    1. RC4

    2. RC5

    3. DES

    4. Blowfish

Correct Answer: A

Question No.15

Which two options are benefits of global ACLs? (Choose two)

  1. They save memory because they work without being replicated on each interface.

  2. They are more efficient because they are processed before interface access rules.

  3. They are flexible because they match source and destination IP addresses for packets that arrive on any interface.

  4. They only operate on logical interfaces.

  5. They can be applied to multiple interfaces.

Correct Answer: AC

Question No.16

Refer to the exhibit. What is the maximum number of site-to-site VPNs allowed by this configuration?














Correct Answer: F

Question No.17

Which three statements about 802.1x multiauthentication mode are true? (Choose three.)

  1. It is recommended for guest VLANs.

  2. On non-802.1x devices, it can support only one authentication method on a single port.

  3. Each multiauthentication port can support only one voice VLAN.

  4. It is recommended for auth-fall VLANs.

  5. It requires each connected client to authenticate individually.

  6. It can be deployed in conjunction with MDA functionality on voice VLANs.

Correct Answer: CEF

Question No.18

Refer to the exhibit. Which two effects of this configuration are true? (Choose two.)


  1. The BGP neighbor session between R1 and R2 re-establishes after 100 minutes.

  2. A warning message is displayed on R2 after it receives 50 prefixes.

  3. A warning message is displayed on R2 after it receives 100 prefixes from neighbor

  4. The BGP neighbor session between R1 and R2 re-establishes after 50 minutes.

  5. The BGP neighbor session tears down after R1 receive 100 prefixes from neighbor

  6. The BGP neighbor session tears down after R1 receive 200 prefixes from neighbor

Correct Answer: CF

Question No.19

Which three statements about WCCP are true? (Choose three.)

  1. The minimum WCCP-Fast Timers messages interval is 500 ms

  2. Is a specific capability is missing from the Capabilities Info component, the router is assumed to support the default capability

  3. If the packet return method is missing from a packet return method advertisement, the web cache uses the Layer 2 rewrite method

  4. The router must receive a valid receive ID before it negotiates capabilities

  5. The assignment method supports GRE encapsulation for sending traffic

  6. The web cache transmits its capabilities as soon as it receives a receive ID from router

Correct Answer: ACE


Web Cache Communication Protocol (WCCP) http://www.cisco.com/c/en/us/td/docs/security/asa/special/wccp/guide/asa-wccp.html

Question No.20

What are the two different modes in which private AMP cloud can be deployed ? (Choose two)

  1. Air Gap Mode

  2. External Mode

  3. Internal Mode

  4. Public Mode

  5. Cloud Mode

  6. Cloud Proxy Mode

Correct Answer: AF

Get Full Version of the Exam
400-251 Dumps
400-251 VCE and PDF