10 Tips For Regenerate 400-251 dumps

Q1. Which two statements about the DES algorithm are true? (Choose two)

A. The DES algorithm is based on asymmetric cryptography.

B. The DES algorithm is a stream cipher.

C. The DES algorithm is based on symmetric cryptography.

D. The DES algorithm encrypts a block of 128 bits.

E. The DES algorithm uses a 56-bit key.

View Answer

Q2. DRAG DROP

Drag and drop the DNS record types from the left to the matching descriptions to the right

View Answer

Q3. Which two statements about IPsec in a NAT-enabled environment are true? (Choose two)

A. The hashes of each peer’s IP address and port number are compared to determine whether NAT-T is required

B. NAT-T is not supported when IPsec Phase 1 is set to Aggressive Mode

C. The first two messages of IPsec Phase 2 are used to determine whether the remote host supports

NAT-T

D. NAT-T is not supported when IPsec Phase 1 is set to Main Mode

E. IPsec packets are encapsulated in UDP 500 or UDP 10000 packets

F. To prevent translations from expiring, NAT keepalive messages that include a payload are sent between the peers

View Answer

Q4. Which two options are open-source SDN controllers? (Choose two)

A. OpenContrail

B. OpenDaylight

C. Big Cloud Fabric

D. Virtual Application Networks SDN Controller

E. Application Policy Infrastructure Controller

View Answer

Q5. Which two statements about global ACLs are true? (Choose two)

A. They support an implicit deny

B. They are applied globally instead of being replicated on each interface

C. They override individual interface access rules

D. They require an explicit deny

E. They can filer different packet types than extended ACLs

F. They require class-map configuration

View Answer

Q6. DRAG DROP

Drag and drop each syslog facility code on the left onto its description on the right.

View Answer

Q7. Which two statements about the SHA-1 algorithm are true? (Choose two)

A. The SHA-1 algorithm is considered secure because it always produces a unique hash for the same message.

B. The SHA-1 algorithm takes input message of any length and produces 160-bit hash output.

C. The SHA-1 algorithm is considered secure because it is possible to find a message from its hash.

D. The purpose of the SHA-1 algorithm is to provide data confidentiality.

E. The purpose of the SHA-1 algorithm is to provide data authenticity.

View Answer

Q8. Refer to the exhibit. 

Which effect of this configuration is true?

A. NUD retransmits 1000 Neighbor solicitation messages every 4 hours and 4 minutes.

B. NUD retransmits Neighbor Solicitation messages after 4, 16, 64 and 256 seconds.

C. NUD retransmits Neighbor Solicitation messages every 4 seconds.

D. NUD retransmits unsolicited Neighbor advertisements messages every 4 hours.

E. NUD retransmits f our Neighbor Solicitation messages every 1000 seconds.

F. NUD retransmits Neighbor Solicitation messages after 1, 4, 16, and 64 seconds.

View Answer

Q9. Refer to the exhibit. R1 and R2 are connected across and ASA with MD5 authentication. Which statement about eBGP peering between the routers could be true?

A. eBGP peering will fail because ASA is transit lacks BGP support.

B. eBGP peering will be successful.

C. eBGP peering will fail because the two routers must be directly connected to allow peering.

D. eBGP peering will fail because of the TCP random sequence number feature.

View Answer

Q10. What context-based access control (CBAC. command sets the maximum time that a router

running Cisco IOS Will wait for a new TCP session to reach the established state?

A. IP inspect max-incomplete

B. IP inspect tcp finwait-time

C. Ip inspect udp idle-time

D. Ip inspect tcpsynwait-time

E. Ip inspect tcp idle-time

View Answer