Jump to content


7
[Offer]

Wrong and correct answers to Passleader dumps (301 questions) for 400-251 exam



57 replies to this topic

#1 zheka

zheka

    Advanced Member

  • Members
  • PipPipPip
  • 74 posts
  • 43 thanks

Posted 14 February 2017 - 05:16 AM

Guys,
I dared to start a new thread after looking into questions and answers in the dump for 400-251 exam.
It is very frustrating to realize that those "solutions providers" sell us wrong answers to about a third of questions in the said exam. I saw them in the previous exam (350-018) which I failed because I didn't have a lot of time to study.
Feel free to participate and comment. Collective study is always effective.
So, here comes the first batch of my attempts to select better answers based on available documentation.
I'll provide links to support my selections where possible

QUESTION 3
Which two statements about role-based access control are true? (Choose two.)

A. Server profile administrators have read and write access to all system logs by default.
B. If the same user name is used for a local user account and a remote user account, the roles defined in the remote
user account override the local user account.

C. A view is created on the Cisco IOS device to leverage role-based access controls.
D. Network administrators have read and write access to all system logs by default.
E. The user profile on an AAA server is configured with the roles that grant user privileges.

I selected C and E instead of D and E


QUESTION 4
Which three global correlation feature can be enabled from cisco IPD device manager (Cisco IDM)?
(Choose three.)

A. Network Reputation
B. Global Data Interaction
C. Signature Correlation
D. Reputation Filtering
E. Global Correlation Inspection
F. Data Contribution
G. Reputation Assignment

My answers are B,D and F (But I'm also tempted to select A instead of F)
http://www.cisco.com/c/en/us/td/docs/security/ips/7-0/configuration/guide/idm/idmguide7/idm_collaboration.html


QUESTION 8
Refer to the exhibit. What is the effect of the given configuration?

RTR-A(config-if)# ipv6 nd dad attempts 60
RTR-A(config-if)# ipv6 nd ns-interval 3600


A. It sets the duplicate address detection interval to 60 second and sets the IPv6 neighbor reachable time to 3600
milliseconds.
B. It sets the number of neighbor solicitation massages to 60 and sets the retransmission interval to 3600
milliseconds.
C. It sets the number of duplicate address detection attempts to 60 and sets the duplicate address detection interval
to 3600 millisecond.
D. It sets the number of neighbor solicitation massage to 60 and set the duplicate address detection interval to 3600
second.
E. It sets the duplicate address detection interval to 60 second and set the IPv6 neighbor solicitation interval to 3600
millisecond.

My answer is B and not E

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/configuration/15-2mt/ip6-15-2mt-book/ip6-neighb-disc.html


QUESTION 9
What are two characteristics of RPL, used in loT environments? (Choose two.)

A. It is an Exterior Gateway Protocol
B. It is a Interior Gateway Protocol
C. It is a hybrid protocol
D. It is link-state protocol
E. It is a distance-vector protocol

My answer is C and E and not B and E
https://inet.haw-hamburg.de/teaching/ws-2014-15/project-class/lotte-steenbrink-hybrid-routing-for-the-internet-of-things

Edited by zheka, 14 February 2017 - 06:26 AM.


Thanked by 4 Members:
kristianonline , auseruser , chrishe , kelmetoly

#2 certvista

certvista

    Member

  • Members
  • PipPip
  • 39 posts
  • 1269 thanks

Posted 14 February 2017 - 05:35 AM

Please share the full complete questions set, so it will be good to review all and give the feedback where possible
certvista, proud to be a member of IT Certification Forum since Oct 2008.

#3 zheka

zheka

    Advanced Member

  • Members
  • PipPipPip
  • 74 posts
  • 43 thanks

Posted 14 February 2017 - 07:38 AM

QUESTION 16
Which three statements about the keying methods used by MAC Sec are true? (Choose three.)

A. MKA is implemented as an EAPoL packet exchange.
B. SAP is enabled by default for Cisco TrustSec in manual configuration mode.
C. SAP is supported on SPAN destination ports.
D. Key management for host-to-switch and switch-to-switch MACSec sessions is provided by MKA.
E. SAP is not supported on switch SVIs.
F. A valid mode for SAP is NULL.

Their answers are A, B, F but I'd replace B for E
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_1_se/configuration/guide/3750xcg/swmacsec.pdf
SAP is disabled by default in Cisco TrustSec manual mode


QUESTION 17
Which two statements about Cisco ASA authentication using LDAP are true? (Choose two.)

A. It uses attribute maps to map the AD memberOf attribute to the cisco ASA Group-Poilcy attribute
B. It uses AD attribute maps to assign users to group policies configured under the WebVPN context
C. The Cisco ASA can use more than one AD memberOf attribute to match a user to multiple group policies

D. It can assign a group policy to a user based on access credentials
E. It can combine AD attributes and LDP attributes to configure group policies on the Cisco ASA
F. It is a closed standard that manages directory-information services over distributed networks

Their answers are A and B but I challenge B because WebVPN context is relevant to IOS based SSLVPN gateway. The second correct answer is D


QUESTION 18
Drag and Drop Question
Drag each IPS signature engine on the left to its description on the right.

Their answers are wrong for "Atomic" and "Normalizer". I'd swap them
http://www.cisco.com/c/en/us/td/docs/security/ips/6-1/configuration/guide/cli/cliguide/cli_signature_engines.html

Thanked by 1 Member:
kelmetoly

#4 zheka

zheka

    Advanced Member

  • Members
  • PipPipPip
  • 74 posts
  • 43 thanks

Posted 14 February 2017 - 07:40 AM

View Postcertvista, on 14 February 2017 - 05:35 AM, said:

Please share the full complete questions set, so it will be good to review all and give the feedback where possible

I found this dump at this post
http://certcollection.org/forum/topic/307179-please-verify-new-ccie-security-400-251-dumps/

#5 kelmetoly

kelmetoly

    Junior Member

  • Members
  • PipPip
  • 4 posts
  • 13 thanks

Posted 16 February 2017 - 08:20 AM

QUESTION 5
According to RFC 4890, which three message must be dropped at the transit firewall/router? (Choose three.)
A. Router Renumbering (Type 138)
B. Node Information Query (Type 139)
C. Router Solicitation (Type 133)
D. Node information Response (Type 140)
E. Router Advertisement (Type 134)
F. Neighbor Solicitaion (Type 135)

My answer is CEF but in book ABD !!!!

#6 zheka

zheka

    Advanced Member

  • Members
  • PipPipPip
  • 74 posts
  • 43 thanks

Posted 16 February 2017 - 04:33 PM

It

View Postkelmetoly, on 16 February 2017 - 08:20 AM, said:

QUESTION 5
According to RFC 4890, which three message must be dropped at the transit firewall/router? (Choose three.)
A. Router Renumbering (Type 138)
B. Node Information Query (Type 139)
C. Router Solicitation (Type 133)
D. Node information Response (Type 140)
E. Router Advertisement (Type 134)
F. Neighbor Solicitaion (Type 135)

My answer is CEF but in book ABD !!!!

It's debatable but if we look at this RFC
https://www.ietf.org/rfc/rfc4890.txt
specifically at the section    4.3.5. Traffic That Should Be Dropped Unless a Good Case Can Be Made
We see that those are messages 138-140

#7 kelmetoly

kelmetoly

    Junior Member

  • Members
  • PipPip
  • 4 posts
  • 13 thanks

Posted 17 February 2017 - 05:07 AM

QUESTION 13

Which statement about the 3DES algorithm is true?

A. The 3DES algorithm uses the same key for encryption and decryption.
B. The 3DES algorithm uses a public-private key pair with a public key for encryption and a private key fordecryption.
C. The 3DES algorithm is a block cipher.
D. The 3DES algorithm uses a key length of 112 bits.
E. The 3DES algorithm is faster than DES due to the shorter key length.

My Answer is AC nut in book it's C only.

#8 zheka

zheka

    Advanced Member

  • Members
  • PipPipPip
  • 74 posts
  • 43 thanks

Posted 17 February 2017 - 04:07 PM

View Postkelmetoly, on 17 February 2017 - 05:07 AM, said:

QUESTION 13

Which statement about the 3DES algorithm is true?

A. The 3DES algorithm uses the same key for encryption and decryption.
B. The 3DES algorithm uses a public-private key pair with a public key for encryption and a private key fordecryption.
C. The 3DES algorithm is a block cipher.
D. The 3DES algorithm uses a key length of 112 bits.
E. The 3DES algorithm is faster than DES due to the shorter key length.

My Answer is AC nut in book it's C only.

It is again debatable and depends on the keying options. In theory, those 3 keys are different, K1, K2 and K3 and they used in three consecutive encryption/decryption operations.
But they also could be the same, as it is said for Keying option 3 in this wikipedia article

https://en.wikipedia.org/wiki/Triple_DES

Thanked by 1 Member:
kelmetoly

#9 kelmetoly

kelmetoly

    Junior Member

  • Members
  • PipPip
  • 4 posts
  • 13 thanks

Posted 17 February 2017 - 07:10 PM

View Postzheka, on 17 February 2017 - 04:07 PM, said:

It is again debatable and depends on the keying options. In theory, those 3 keys are different, K1, K2 and K3 and they used in three consecutive encryption/decryption operations.
But they also could be the same, as it is said for Keying option 3 in this wikipedia article

https://en.wikipedia.org/wiki/Triple_DES

Agree with you. Thanks zheka

#10 kelmetoly

kelmetoly

    Junior Member

  • Members
  • PipPip
  • 4 posts
  • 13 thanks

Posted 18 February 2017 - 03:00 PM

QUESTION 33
Which two options are differences between a automation and orchestration? (Choose two.)
A. Automation is an IT workflow composed of tasks, and orchestration is a technical task.
B. Orchestration is focused on multiple technologies to be integrated together.
C. Orchestration is focused on an end-to-end process or workflow.
D. Automation is to be used to replace human intervention.
E. Automation is focused on automating a single or multiple tasks.

Answer: BC but i see correct ans is CE

#11 lopwal

lopwal

    Junior Member

  • Members
  • PipPip
  • 1 posts
  • 2 thanks

Posted 19 February 2017 - 01:12 PM

@kelmetoly I agree answers should be C and E.
Automation is about tasks (could be one or multiple) but it doesn't visibility of the whole process as orchestration does.

#12 zheka

zheka

    Advanced Member

  • Members
  • PipPipPip
  • 74 posts
  • 43 thanks

Posted 19 February 2017 - 04:52 PM

View Postlopwal, on 19 February 2017 - 01:12 PM, said:

@kelmetoly I agree answers should be C and E.
Automation is about tasks (could be one or multiple) but it doesn't visibility of the whole process as orchestration does.

Same with me. C and E are correct answers

#13 zheka

zheka

    Advanced Member

  • Members
  • PipPipPip
  • 74 posts
  • 43 thanks

Posted 19 February 2017 - 05:21 PM

Guys,
I would like to challenge the answer to question 22:

In which class of applications security threads does HTTP header manipulation reside?

A. Session management
B. Parameter manipulation
C. Software tampering
D. Exception managements

I would say it is happening with parameter manipulation and not with the session management. This is the page that describes it:
http://www.cgisecurity.com/owasp/html/ch11s04.html

Session management doesn't have anything to do with HTTP header

#14 zheka

zheka

    Advanced Member

  • Members
  • PipPipPip
  • 74 posts
  • 43 thanks

Posted 20 February 2017 - 06:27 AM

Question 29
They misplaced items from "Reconnaissance and scanning" with "Exploits" category.
The very good source of answers to those questions is SANS document:
https://www.sans.org/reading-room/whitepapers/threats/icmp-attacks-illustrated-477
In a nutshell, these are types of attacks belonging to "Reconnaissance and scanning" category:
- ICMP sweep
- traceroute
- inverse mapping
- OS fingerprinting
- firewalk

And here are types of attacks used in the "Exploits" category:
- ICMP route redirect
- ICMP informational messages
- ICMP router discovery messages
- ICMP floods




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Organization

Community

Downloads

Test Providers

Site Info


Go to top