120 likes | 158 Views
IT-Dumps Real Cisco 400-251 Dumps will lead you towards success in Cisco Certification 400-251 Exam. When you take IT-Dumps Real Cisco 400-251 Dumps, it helps in getting the jobs that you always wanted in the networking field. If you are still unsure about IT-Dumps Real Cisco 400-251 Dumps then, you have an option to schedule a demo to check 400-251 exam questions. With valid Real Cisco 400-251 Dumps from IT-Dumps you will never face any difficulty.
E N D
2018 IT-Dumps 400-251 • http://www.it-dumps.com/
Questions 1 Which protocol does ISE use to secure connection through the Cisco IronPort infrastructure? A. TLS B. SNMP C. IKEv1 D. SSH E. IKEv2 Answer: D
Questions 2 Which statement about Local Web Authentication is true? A. it can use VLANs and ACLs to enforce authorization B. it supports Change of Authorization and VLAN enforcement C. it supports posture and profiling services D. the ISE serves web pages E. the network device handles guest authentication F. the web portal can be customized locally or managed by the ISE Answer: E
Questions 3 Which two statements about the Cisco FireAMP solution are true? (Choose two) A. when a FireAMP Connector detects malware in network traffic, it generates a malware event and a network event B. it can perform dynamic analysis in the FireAMP Private Cloud C. the FireAMP Connector can provide information about potentially malicious network connections D. the FireAMP Private Cloud can act as an anonymized proxy to transport endpoint event data to the AMP Public Cloud for disposition lookups E. the FireAMP Connector can detect malware in network traffic when files are downloaded and executed F. the FireAMP Private Cloud provides an on-premises option for file disposition lookups and retrospective event generation G. the FireAMP connector is compatible with antivirus software on the endpoint, but you must configure an exclusion to prevent the Connector from scanning the antivirus directory Answer: BF
Questions 4 Which statement about MDM is true? A. each Cisco ISE node requires its own MDM server B. it can support endpoints without requiring them to register C. Cisco ISE communicates with the MDM server by way of REST API calls D. it reports the IP address of the endpoint to the Cisco ISE as the input parameter of the endpoint E. MDM policies can be configured with as few as two attributes F. if an authorized user refreshes the web browser, the session must be reauthorized with the LDAP server Answer: C
Questions 5 How many report templates does the Cisco Firepower Management Center support? A. 5 B. 10 C. 50 D. 100 E. Unlimited Answer: E
Questions 6 How does a Cisco ISE server determine whether a client supports EAP chaining? A. it sends an MD5 challenge to the client and analyzes the response B. it analyzes the options field in the TCP header of the first packet it receives from the client C. it analyzes the EAPoL message the client sends during the initial handshake D. it sends an identity-type TLV to the client and analyzes the response E. it analyzes the X.509 certificate it receives from the client through the TLS tunnel Answer: D
Questions 7 Which two limitations of ISE inline posture are true? (Choose two) A. the Cisco Discovery Protocol is not supported B. multicast is not supported C. Flexible NetFlow is not supported D. the Simple Network Management Protocol agent is not supported E. QoS is not supported in a virtual environment Answer: AD
Questions 8 Which statement about the pxGrid connection agent is true? A. it leverages Cisco ISE control functions to manage connections and share information between partner platforms B. it supports an agentless solution for Cisco ISE C. it managed the sharing of contextual information between partner platforms D. it can fetch user information from AD on behalf of a WSA or Cisco ISE E. it fetches user information from AD and transmits it to the pxGrid controller F. it enables communication from the pxGrid controller Answer: C
Questions 9 Your antivirus server keeps a check on all the clients to ensure that they are updated and run regular scans. In the event that a client falls out of compliance, the antivirus server can integrate with the AD setup to change certain attributes for a user to indicate non-compliance. How can this ability be used to assess the posture of the device in ISE? A. ISE can use only built-in attributes for AD to make authorization decisions B. ISE communicates directly with the antivirus server for real-time information about the client during the authentication phase C. ISE can use the AD attribute to make authorization decisions during initial authentication or reauth. D. ISE can't use attributes in AD to make authorization decisions E. The Cisco AnyConnect posture module can be configured to communicate with AD to check the attributes, and allow access accordingly Answer: C
Questions 10 As an enterprise, you have decided to use Cisco Umbrella (OpenDNS) services for all public DNS requests. In Which two ways can you ensure that all DNS clients (endpoints) use this service for external requests only? (Choose two) A. Install the Umbrella proxy server on all the supported operating systems and configure it appropriately. B. Install the Umbrella server in your data center that will provide these services locally. C. Use DHCP to push the OpenDNS servers to the endpoints. D. Configure the OpenDNS servers as forwarders on your internal DNS servers E. Install the Umbrella client on all the supported operating systems and configure it appropriately. Answer: DE
IT-Dumps Thanks You