Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Cisco® 400-251

Cisco® 400-251 Exam Practice Questions (P. 4)

  • Full Access (952 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #31
Which Cisco ASA feature can be used to update non-compliant antivirus/antispyware definition files on an AnyConnect client?
  1. A
    dynamic access policies
  2. B
    dynamic access policies with Host Scan and advanced endpoint assessment
  3. C
    Cisco Secure Desktop
  4. D
    advanced endpoint assessment

Correct Answer:
B

Question #32

When configuring a Cisco IPS custom signature, what type of signature engine must you use to block podcast clients from accessing the network?
  1. A
    service HTTP
  2. B
    service TCP
  3. C
    string TCP
  4. D
    fixed TCP
  5. E
    service GENERIC

Correct Answer:
A

Question #33
An attacker configures an access point to broadcast the same SSID that is used at a public hot- spot, and launches a deauthentication attack against the clients that are connected to the hot-spot, with the hope that the clients will then associate to the AP of the attacker.
In addition to the deauthentication attack, what attack has been launched?
  1. A
    man-in-the-middle
  2. B
    MAC spoofing
  3. C
    Layer 1 DoS
  4. D
    disassociation attack

Correct Answer:
A

Question #34
Which statement best describes the concepts of rootkits and privilege escalation?
  1. A
    Rootkits propagate themselves.
  2. B
    Privilege escalation is the result of a rootkit.
  3. C
    Rootkits are a result of a privilege escalation.
  4. D
    Both of these require a TCP port to gain access.

Correct Answer:
B

Question #35
Refer to the exhibit.

Which message of the ISAKMP exchange is failing?
  1. A
    main mode 1
  2. B
    main mode 3
  3. C
    aggressive mode 1
  4. D
    main mode 5
  5. E
    aggressive mode 2

Correct Answer:
B

Question #36
Which multicast capability is not supported by the Cisco ASA appliance?
  1. A
    ASA configured as a rendezvous point
  2. B
    Sending multicast traffic across a VPN tunnel
  3. C
    NAT of multicast traffic
  4. D
    IGMP forwarding (stub) mode

Correct Answer:
B

Question #37
Refer to the exhibit.

What type of attack is being mitigated on the Cisco ASA appliance?
  1. A
    HTTPS certificate man-in-the-middle attack
  2. B
    HTTP distributed denial of service attack
  3. C
    HTTP Shockwave Flash exploit
  4. D
    HTTP SQL injection attack

Correct Answer:
D

Question #38
Which method of output queuing is supported on the Cisco ASA appliance?
  1. A
    CBWFQ
  2. B
    priority queuing
  3. C
    MDRR
  4. D
    WFQ
  5. E
    custom queuing

Correct Answer:
B

Question #39
Which four values can be used by the Cisco IPS appliance in the risk rating calculation? (Choose four.)
  1. A
    attack severity rating
  2. B
    target value rating
  3. C
    signature fidelity rating
  4. D
    promiscuous delta
  5. E
    threat rating
  6. F
    alert rating

Correct Answer:
ABCD

Question #40
Which three authentication methods does the Cisco IBNS Flexible Authentication feature support? (Choose three.)
  1. A
    cut-through proxy
  2. B
    dot1x
  3. C
    MAB
  4. D
    SSO
  5. E
    web authentication

Correct Answer:
BCE

Previous Questions Next Questions

All Pages