Tag - 400-251 exam

ISE can be integrated with an MDM to ensure that only registered devices are allowed on the network, and use the MDM to push policies to the device. Devices can go in and out of compliance either due to policy changes on the MDM server, or another reason. Consider a...

Which criteria does ASA use for packet classification if multiple contexts share an ingress interface MAC address? A, ASA ingress interface IP address B. policy-based routing on ASA D. destination MAC address E. ASA ingress interface MAC address G. ASA egress interface IP addressView AnswerAnswer: E 

In an effort to secure your enterprise campus network, any endpoint that connects to the network must authenticate before being granted access. For all corporate-owned endpoints, such as laptops, mobile phones and tables, you would like to enable 802. 1x and once authenticated allow full access to the network. For...

In a large organization, with thousands of employees scattered across the globe, it is difficult to provision and onboard new employee devices with the correct profiles and certificates. With ISE, it is possible to do client provided which four conditions are met. (Choose four)A . Endpoint operating System should be...

Refer to the exhibit. aaa authentication login default group radius aaa authentication login NO_AUTH none aaa authentication login vty local aaa authentication dot1x default group radius aaa authorization network default group radius aaa accounting update newinfo aaa accounting dot1x default start-stop group radius ! ip dhcp excluded-address 60.1.1.11 ip dhcp...

Which statement correctly describes Botnet attack?A . It is launched by a single machine controlled by command and control systemB . It can be used to steal dataC . It is launched by a collection of noncompromised machines controllers by command and control systemD . It is a form of...

7.21 configured ipv4, authenticated instance invalid, unsynced, stratum 16 ref ID INIT, time 00000000 0000000 (17:00:00.000 ccie Wed Dec 31, 1899) R2 is getting time synchronized from NTP server R1. It has been reported that clock on R2 cannot associate with the NTP server R1. Which possible cause is true?A...

In your ISE design, there are two TACACS profiles that are created for a device administration: Help Desk_Profile, and IOS_Admin_Profile. The Help Desk profile should login the user with privilege 1, with ability to change privilege level to 15. The Admin profile should login the user with privilege 15 by...

Which statement about the Sender Base functionality is true?A . ESA sees a high negative score from Sender Base as very unlikely that sender is sending spamB . Sender Base uses DNS-based blacklist as one of the sources of information to define reputation score of sender’s IP address.C . WSA...

Which statement about OSPFv2 configuration on ASA is true?A . It does not support stub areas and not-so-stubby areasB . It only supports MD5 authentication with the peersC . Routing decision is based on the hop counts to the destinationD . It does not support virtual linksE . It allows...