Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 July VMware Official New Released 2V0-651
100% Free Download! 100% Pass Guaranteed!
CCIE Security Exam (v4.1)
Question No: 291 – (Topic 4)
Which Cisco IPS appliance signature engine defines events that occur in a related manner, within a sliding time interval, as components of a combined signature?
-
Service engine
-
Sweep engine
-
Multistring engine
-
Meta engine
Answer: D
Question No: 292 – (Topic 4)
Which four statements about SeND for IPv6 are correct? (Choose four.)
-
It protects against rogue RAs.
-
NDP exchanges are protected by IPsec SAs and provide for anti-replay.
-
It defines secure extensions for NDP.
-
It authorizes routers to advertise certain prefixes.
-
It provides a method for secure default router election on hosts.
-
Neighbor identity protection is provided by Cryptographically Generated Addresses that are derived from a Diffie-Hellman key exchange.
-
It is facilitated by the Certification Path Request and Certification Path Response ND messages.
Answer: A,C,D,E
Question No: 293 – (Topic 4)
Which two statements about OSPF authentication are true? (Choose two.)
-
OSPF authentication is required in area 0.
-
There are three types of OSPF authentication.
-
In MD5 authentication, the password is encrypted when it is sent.
-
Null authentication includes the password in clear-text.
-
Type-3 authentication is a clear-text password authentication.
-
In MD5 authentication, the password never goes across the network.
Answer: B,F
Question No: 294 – (Topic 4)
Which three types of information could be used during the incident response investigation phase? (Choose three.)
-
netflow data
-
SNMP alerts
-
encryption policy
-
syslog output
-
IT compliance reports
Answer: A,B,D
Question No: 295 – (Topic 4)
Which three statements are true about the SSH protocol? (Choose three.)
-
SSH protocol runs over TCP port 23.
-
SSH protocol provides for secure remote login and other secure network services over an insecure network.
-
Telnet is more secure than SSH for remote terminal access.
-
SSH protocol runs over UDP port 22.
-
SSH transport protocol provides for authentication, key exchange, confidentiality, and integrity.
-
SSH authentication protocol supports public key, password, host based, or none as authentication methods.
Answer: B,E,F
Question No: 296 – (Topic 4)
Refer to the exhibit.
Which statement regarding the output is true?
-
Every 1800 seconds the secondary name server will query the SOA record of the primary name server for updates.
-
If the secondary name server has an SOA record with the serial number of 10973815, it will initiate a zone transfer on the next cycle.
-
Other DNS servers will cache records from this domain for 864000 seconds (10 days)
before requesting them again.
-
Email queries concerning this domain should be sent to quot;admin@postmaster.cisco.comquot;.
-
Both primary and secondary name servers will clear (refresh) their caches every 7200 seconds to ensure that up-to-date information is always in use.
Answer: B
Question No: 297 – (Topic 4)
Which of the following two options can you configure to avoid iBGP full mesh? (Choose two.)
-
Route reflectors
-
Confederations
-
BGP NHT
-
Local preference
-
Virtual peering
Answer: A,B
Question No: 298 – (Topic 4)
Which command is used to replicate HTTP connections from the Active to the Standby Cisco ASA appliance in failover?
-
monitor-interface http
-
failover link fover replicate http
-
failover replication http
-
interface fover replicate http standby
-
No command is needed, as this is the default behavior.
Answer: C
Question No: 299 – (Topic 4)
Which option explains the passive scan technique that is used by wireless clients to
discover available wireless networks?
-
listening for access point beacons that contain available wireless networks
-
sending a null probe request
-
sending a null association request
-
listening for access point probe response frames that contain available wireless networks
Answer: A
Question No: 300 – (Topic 4)
Which three statements are true about TLS? (Choose three.)
-
TLS protocol uses a MAC to protect the message integrity.
-
TLS data encryption is provided by the use of asymmetric cryptography.
-
The identity of a TLS peer can be authenticated using public key or asymmetric cryptography.
-
TLS protocol is originally based on the SSL 3.0 protocol specification.
-
TLS provides support for confidentiality, authentication, and nonrepudiation.
Answer: A,C,D
100% Dumps4cert Free Download!
–Download Free Demo:2V0-651 Demo PDF
100% Dumps4cert Pass Guaranteed!
–2V0-651 Dumps
Dumps4cert | ExamCollection | Testking | |
---|---|---|---|
Lowest Price Guarantee | Yes | No | No |
Up-to-Dated | Yes | No | No |
Real Questions | Yes | No | No |
Explanation | Yes | No | No |
PDF VCE | Yes | No | No |
Free VCE Simulator | Yes | No | No |
Instant Download | Yes | No | No |