[Free] 2019(Nov) EnsurePass Cisco 400-251 Dumps with VCE and PDF 71-80

Get Full Version of the Exam

Question No.71

Refer to the exhibit. Which data format is used in this script?


  1. JSON

  2. YANG

  3. API

  4. XML

  5. JavaScript

Correct Answer: D

Question No.72

Which command sequence do you enter to add the host to the CISCO object group?

  1. object-group network CISCO group-object

  2. object network CISCO network-object object

  3. object-group network CISCO network-object host

  4. object network CISCO group-object

Correct Answer: C

Question No.73

Which two statements about Cisco ASA authentication using LDAP are true? (Choose two.)

  1. It is a closed standard that manages directory-information services over distributed networks.

  2. It can combine AD attributes and LDAP attributes to configure group policies on the Cisco ASA.

  3. It uses attribute maps to map the AD memberOf attribute to the Cisco ASA Group-Policy attribute.

  4. It can assign a group policy to a user based on access credentials.

  5. It uses AD attribute maps to assign users to group policies configured under the WebVPN context.

  6. The Cisco ASA can use more than one AD memberOf attribute to match a user to multiple group policies.

Correct Answer: CE

Question No.74

Which two design options are best to reduce security concerns when adopting loT into an organization? (Choose two.)

  1. Segment the Field Area Network from the Data Center network.

  2. Encrypt sensor data in transit.

  3. Ensure that application can gather and analyze data at the edge.

  4. Implement video analytics on IP cameras.

  5. Encrypt data at rest on all devices in the loT network.

Correct Answer: AB

Question No.75

Which two statements about role-based access control are true? (Choose two.)

  1. The user profile on an AAA server is configured with the roles that grant user privileges.

  2. If the same user name is used for a local user account and a remote user account, the roles defined in the remote user account override the local user account.

  3. Server profile administrators have read and write access to all system logs by default.

  4. A view is created on the Cisco IOS device to leverage role-based access controls.

  5. Network administrators have read and write access to all system logs by default.

Correct Answer: AD

Question No.76

Refer to the exhibit. Which two effects of this configuration are true? (Choose two.)


  1. The switch periodically sends an EAP-Identity-Request to the endpoint supplicant.

  2. The device allows multiple authenticated sessions for a single MAC address in the voice domain.

  3. If the TACACS server is unreachable, the switch places hosts on critical ports in VLAN 50.

  4. If the authentication priority is changed, the order in which authentication is performed also changes.

  5. If multiple hosts have authenticated to the same port, each can be in their own assigned VLAN.

  6. The port attempts 802.1x authentication first, and then falls back to MAC authentication bypass.

Correct Answer: CF

Question No.77

Which two statements about the SeND protocol are true? (Choose two.)

  1. It counters neighbor discovery threats.

  2. It must be enabled before you can configure IPv6 addresses.

  3. It supports numerous custom neighbor discovery messages.

  4. It logs IPv6-related threats to an external log server.

  5. It supports an autoconfiguration mechanism.

  6. It uses IPsec as a baseline mechanism.

Correct Answer: AE

Question No.78

Refer to the exhibit. Which meaning of this error message on a Cisco ASA is true?


  1. The route map redistribution is configured incorrectly.

  2. The default route is undefined.

  3. packed was denied and dropped by an ACL.

  4. The host is connected directly to the firewall.

Correct Answer: B

Question No.79

Which WEP configuration can be exploited by a weak IV attack ?

  1. When the static WEP password has been stored without encryption.

  2. When a per-packet WEP key is in use.

  3. When a 64-bit key is in use.

  4. When the static WEP password has been given away.

  5. When a 40-bit key is in use.

  6. When the same WEP key is used to create every packet.

Correct Answer: E

Question No.80

Which feature does Cisco VSG use to redirect traffic in a Cisco Nexus 1000v Series Switch?

  1. VEM

  2. VPC

  3. VDC

  4. vPath

Correct Answer: D

Get Full Version of the Exam
400-251 Dumps
400-251 VCE and PDF