Get Full Version of the Exam
http://www.EnsurePass.com/400-251.html

Question No.81

Which statement about MDM with the Cisco ISE is true?

1. The MDM#39;s server certificate must be imported into the Cisco ISE Certificate Store before the MDM and ISE can establish a connection.

2. MDM servers can generate custom ACLs for the Cisco ISE to apply to network devices.

3. The Cisco ISE supports a built-in list of MDM dictionary attributes it can use in authorization policies.

4. The Cisco ISE supports limited built-in MDM functionality.

5. If a mobile endpoint fails posture compliance, both the user and the administrator are notified immediately.

6. When a mobile endpoint becomes compliant the Cisco ISE records the updated device status in its internal database.

Correct Answer: A

Explanation:

Mobile Device Management https://meraki.cisco.com/blog/tag/mobile-device-management/

Question No.82

What are two important guidelines to follow when implementing VTP? (Choose two.)

1. When using secure mode VTP, only configure management domain passwords on VTP servers.

2. Enabling VTP pruning on a server will enable the feature for the entire management domain.

3. All switches in the VTP domain must run the same version of VTP.

4. CDP must be enabled on all switches in the VTP management domain.

5. Use of the VTP multi-domain feature should be restricted to migration and temporary implementation.

Correct Answer: BC

Question No.83

When applying MD5 route authentication on routers running RIP or EIGRP, which two important key chain considerations should be accounted for? (Choose two.)

1. Key 0 of all key chains must match for all routers in the autonomous system.

2. The lifetimes of the keys in the chain should overlap.

3. Routers should be configured for NTP to synchronize their clocks.

4. No more than three keys should be configured in any single chain.

5. Link compression techniques should be disabled on links transporting any MD5 hash.

Correct Answer: BC

Question No.84

Refer to the exhibit. What are two effects of the given configuration? (Choose two.)

1. FTP clients will be able to determine the server#39;s system type.

2. The connection will remain open if the size of the STOR command is greater than a fixed constant.

3. TCP connections will be completed only to TCP ports from 1 to 1024.

4. The client must always send the PASV reply.

5. The connection will remain open if the PASV reply command includes 5 commas.

Correct Answer: AE

Question No.85

Which effect of the crypto pki authenticate command is true?

1. It sets the certificate enrollment method.

2. It retrieves and authenticates a CA certificate.

3. It configures a CA trustpoint.

4. It displays the current CA certificate.

Correct Answer: B

Question No.86

Which option is a data modeling language used to model configuration and state data of network elements?

1. RESTCONF

2. SNMPv4

3. NETCONF

4. YANG

Correct Answer: D

Question No.87

Which two statements about ICMP redirect messages are true? (Choose two.)

1. Redirects are only punted to the CPU if the packets are also source-routed.

2. The messages contain an ICMP Type 3 and ICMP code 7.

3. By default, configuring HSRP on the interface disables ICMP redirect functionality.

4. They are generated when a packet enters and exits the same route interface.

5. They are generated by the host to inform the router of an temate route to the destination.

Correct Answer: CD

Question No.88

Which three transports have been defined for SNMPv3? (Choose three.)

1. DTLS

2. SSH

3. TLS

4. SSL

5. IPcec secured tunnel

6. GET

Correct Answer: ABC

Question No.89

Refer to the exhibit. Which two statements about a device with this configuration are true? (Choose two.)

1. When a peer establishes a new connection to the device, CTS retains all existing SGT mapping entries for 3 minutes.

2. If a peer reconnects to device within 120 seconds of terminating a CTS-SXP connection, the reconciliation timer stats.

3. When a peer re-establishes a previous connection to the device, CTS retains all existing SGT mapping entries for 3 minutes.

4. If a peer reconnects to device within 180 seconds of terminating a CTS-SXP connection, the reconciliation timer stats.

5. If a peer re-establishes a connection to the device before the hold-down timer expires, the device retains the SGT mapping entries it learned during the previous connection for an additional 3 minutes.

6. It sets the internal hold-down timer of the device to 3 minutes.

Correct Answer: BE

Question No.90

Which three messages are part of the SSL protocol? (Choose three.)

1. Message Authentication

2. CipherSpec

3. Record

4. Alert

5. Change CipherSpec

6. Handshake

Correct Answer: DEF

Get Full Version of the Exam
400-251 Dumps
400-251 VCE and PDF

Related Posts

• [Free] 2019(Nov) EnsurePass Cisco 400-251 Dumps with VCE and PDF 111-120
• [Free] 2019(Nov) EnsurePass Cisco 400-251 Dumps with VCE and PDF 121-130
• [Free] 2019(Nov) EnsurePass Cisco 400-251 Dumps with VCE and PDF 131-140
• [Free] 2019(Nov) EnsurePass Cisco 400-251 Dumps with VCE and PDF 91-100
• [Free] 2019(Nov) EnsurePass Cisco 400-251 Dumps with VCE and PDF 101-110
• [Free] 2019(Nov) EnsurePass Cisco 400-251 Dumps with VCE and PDF 51-60