Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 Aug VMware Official New Released VCAW510
100% Free Download! 100% Pass Guaranteed!
CCIE Security Exam (v4.1)
Question No: 241 – (Topic 4)
In order to implement CGA on a Cisco IOS router for SeND, which three configuration steps are required? (Choose three.)
-
Generate an RSA key pair.
-
Define a site-wide pre-shared key.
-
Define a hash algorithm that is used to generate the CGA.
-
Generate the CGA modifier.
-
Assign a CGA link-local or globally unique address to the interface.
-
Define an encryption algorithm that is used to generate the CGA.
Answer: A,D,E
Question No: 242 – (Topic 4)
Which Category to Protocol mapping for NBAR is correct?
-
Category: Enterprise Applications
Protocol: Citrix ICA, PCAnywhere, SAP, IMAP
-
Category: Internet Protocol: FTP, HTTP, TFTP
-
Category: Network Management Protocol: ICMP, SNMP, SSH, Telnet
-
Category: Network Mail Services Protocol: MAPI, POP3, SMTP
Answer: B
Question No: 243 – (Topic 4)
Which three statements about IKEv2 are correct? (Choose three.)
-
INITIAL_CONTACT is used to synchronize state between peers.
-
The IKEv2 standard defines a method for fragmenting large messages.
-
The initial exchanges of IKEv2 consist of IKE_SA_INIT and IKE_AUTH.
-
Rekeying IKE and child SAs is facilitated by the IKEv2 CREATE_CHILD_SA exchange.
-
NAT-T is not supported.
-
Attribute policy push (via the configuration payload) is only supported in REQUEST/REPLY mode.
Answer: A,C,D
Question No: 244 – (Topic 4)
What is a primary function of the SXP protocol?
-
to extend a TrustSec domain on switches that do not support packet tagging with SGTs
-
to map the SGT tag to VLAN information
-
to allow the SGT tagged packets to be transmitted on trunks
-
to exchange the SGT information between different TrustSec domains
Answer: A
Question No: 245 – (Topic 4)
Which four protocols are supported by Cisco IOS Management Plane Protection? (Choose four.)
-
Blocks Extensible Exchange Protocol (BEEP)
-
Hypertext Transfer Protocol Secure (HTTPS)
-
Secure Copy Protocol (SCP)
-
Secure File Transfer Protocol (SFTP)
-
Secure Shell (SSH)
-
Simple Network Management Protocol (SNMP)
Answer: A,B,E,F
Question No: 246 – (Topic 4)
Which three statements about SMTP are true? (Choose three.)
-
SMTP uses TCP port 25.
-
The POP protocol is used by the SMTP client to manage stored mail.
-
The IMAP protocol is used by the SMTP client to send email.
-
The mail delivery agent in the SMTP architecture is responsible for DNS lookup.
-
SMTPS uses SSL and TLS.
-
SMTP uses TCP port 587.
Answer: A,E,F
Question No: 247 – (Topic 4)
Which three EAP methods require a server-side certificate? (Choose three.)
-
PEAP with MS-CHAPv2
-
EAP-TLS
-
EAP-FAST
-
EAP-TTLS
-
EAP-GTP
Answer: A,B,D
Question No: 248 – (Topic 4)
Refer to the exhibit.
Which two statements about this Cisco Catalyst switch configuration are correct? (Choose two.)
-
The default gateway for VLAN 200 should be attached to the FastEthernet 5/1 interface.
-
Hosts attached to the FastEthernet 5/1 interface can communicate only with hosts attached to the FastEthernet 5/4 interface.
-
Hosts attached to the FastEthernet 5/2 interface can communicate with hosts attached to the FastEthernet 5/3 interface.
-
Hosts attached to the FastEthernet 5/4 interface can communicate only with hosts attached to the FastEthernet 5/2 and FastEthernet 5/3 interfaces.
-
Interface FastEthernet 5/1 is the community port.
-
Interface FastEthernet 5/4 is the isolated port.
Answer: B,C
Question No: 249 – (Topic 4)
Which statement is true about IKEv2 and IKEv1?
-
IKEv2 can be configured to use EAP, but IKEv1 cannot.
-
IKEv2 can be configured to use AES encryption, but IKEv1 cannot.
-
IKEv2 can be configured to interoperate with IKEv1 on the other end.
-
IKEv2 consumes more bandwidth than IKEv1.
Answer: A
Question No: 250 – (Topic 4)
Which two options describe how the traffic for the shared interface is classified in ASA multi context mode? (Choose two.)
-
Traffic is classified at the source address in the packet.
-
Traffic is classified at the destination address in the packet.
-
Traffic is classified at the destination address in the context.
-
Traffic is classified by copying and sending the packet to all the contexts.
-
Traffic is classified by sending the MAC address for the shared interface.
Answer: C,E
100% Dumps4cert Free Download!
–Download Free Demo:VCAW510 Demo PDF
100% Dumps4cert Pass Guaranteed!
–VCAW510 Dumps
Dumps4cert | ExamCollection | Testking | |
---|---|---|---|
Lowest Price Guarantee | Yes | No | No |
Up-to-Dated | Yes | No | No |
Real Questions | Yes | No | No |
Explanation | Yes | No | No |
PDF VCE | Yes | No | No |
Free VCE Simulator | Yes | No | No |
Instant Download | Yes | No | No |