[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 371-380

EnsurepassQUESTION 371 When routing is configured on ASA, which statement is true?   A. If the default route is not present, then the routing table is checked. B. If the routing table has two matching entries, the packet is dropped. C. If routing table has two matching entries with same prefix length, the first entry is used. D. If routing table has two matching entries with different prefix lengths, the entry with the longer prefix length is used.   Correct Answer: D   Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 381-390

Ensurepass    QUESTION 381 Refer to the exhibit. What is the reason for the failure of the DMVPN session between R1 and R2?     A. tunnel mode mismatch B. IPsec phase-1 configuration is missing peer address on R2 C. IPsec phase-1 policy mismatch D. IPsec phase-2 policy mismatch E. incorrect tunnel source interface on R1   Correct Answer: E     QUESTION 382 Which three HTTP header fields can be classified by NBAR for request messages? (Choose three.) Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 361-370

EnsurepassQUESTION 361 Which two statement about Infrastructure ACLs on Cisco IOS software are true? (Choose two.)   A. Infrastructure ACLs are used to block-permit the traffic in the router forwarding path. B. Infrastructure ACLs are used to block-permit the traffic handled by the route processor. C. Infrastructure ACLs are used to block-permit the transit traffic. D. Infrastructure ACLs only protect device physical management interface.   Correct Answer: BD     Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 391-400

EnsurepassQUESTION 391 Refer to the exhibit. Identify the behavior of the ACL if it is applied inbound on E0/0.     A. The ACL will drop both initial and noninitial fragments for port 80 only. B. The ACL will pass both initial and noninitial fragments for port 80 only. C. The ACL will pass the initial fragment for port 80 but drop the noninitial fragment for any port. D. The ACL will drop the initial fragment for port 80 but pass the noninitial fragment for any port.   Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 351-360

EnsurepassQUESTION 351 Which statement about SMTP is true?   A. SMTP uses UDP port 25. B. The POP protocol is used by the SMTP client to manage stored mail. C. The IMAP protocol is used by the SMTP client to retrieve and manage stored email. D. The mail delivery agent in the SMTP architecture is responsible for DNS lookup. E. SMTP uses TCP port 20.   Correct Answer: C     QUESTION 352 Which two statements about DHCP are true? (Choose two.)   A. DHCP Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 341-350

EnsurepassQUESTION 341 Which three statements about the RSA algorithm are true? (Choose three.)   A. The RSA algorithm provides encryption but not authentication. B. The RSA algorithm provides authentication but not encryption. C. The RSA algorithm creates a pair of public-private keys that are shared by entities that perform encryption. D. The private key is never sent across after it is generated. E. The public key is used to decrypt the message that was encrypted by the private Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 331-340

EnsurepassQUESTION 331 Which statement about VLAN is true?   A. VLAN cannot be routed. B. VLANs 1006 through 4094 are not propagated by VTP. C. VLAN1 is a Cisco default VLAN that can be deleted. D. The extended-range VLANs cannot be configured in global configuration mode.   Correct Answer: A     QUESTION 332 Which two statements about OSPF authenticat ion are true? (Choose two.)   A. OSPF authentication is required in area 0. B. There are three types Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 321-330

EnsurepassQUESTION 321 Which two statements about VTP passwords are true? (Choose two)   A. The VTP password can only be configured when the switch is in Server mode. B. The VTP password is sent in the summary advertisements.. C. The VTP password is encrypted for confidentiality using 3DES. D. VTP is not required to be configured on all switches in the domain. E. The VTP password is hashed to preserve authenticity using the MD5 algorithm. F. The VTP password can only be configured Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 311-320

EnsurepassQUESTION 311 Which statement about the above configuration is true?   crypto gdoi group gdoi_group identity number 1234 server local sa receive-only sa ipsec 1 profile gdoi-p match address ipv4 120   A. The key server instructs the DMVPN spoke to install SAs outbound only. B. The key server instructs the GDOI group to install SAs inbound only. C. The key server instructs the DMVPN hub to install SAs outbound only. D. The key server instructs the GDOI spoke to install Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 301-310

Ensurepass HOT EXAM! 100-105 Dumps VCE PDF 200-105 Dumps VCE PDF 300-101 Dumps VCE PDF 300-115 Dumps VCE PDF 300-135 Dumps VCE PDF 300-320 Dumps VCE PDF 400-101 Dumps VCE PDF 640-911 Dumps VCE PDF 640-916 Dumps VCE PDF 70-410 Dumps VCE PDF 70-411 Dumps VCE PDF 70-412 Dumps VCE PDF 70-413 Dumps VCE PDF 70-414 Dumps VCE PDF 70-417 Dumps VCE PDF 70-461 Dumps VCE PDF 70-462 Dumps VCE PDF 70-463 Dumps VCE PDF 70-464 Dumps VCE PDF 70-465 Dumps VCE PDF 70-480 Dumps VCE PDF 70-483 Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 291-300

EnsurepassQUESTION 291 Which transport type is used by the DHCP protocol?   A. UDP ports 67 and 69 B. TCP ports 67 and 68 C. UDP and TCP port 67 D. UDP ports 67 and 68   Correct Answer: D     QUESTION 292 Which domain is used for a reverse lookup of IPv4 addresses?   A. in-addr.arpa B. ip4.arpa C. in-addr.net D. ip4.net   Correct Answer: A     QUESTION 293 Which port or ports are used for the FTP data channel in passive mode?   Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 281-290

EnsurepassQUESTION 281 What are two reasons for a certificate to appear in a CRL? (Choose two.)   A. CA key compromise B. cessation of operation C. validity expiration D. key length incompatibility E. certification path invalidity   Correct Answer: AB     QUESTION 282 Which transport method is used by the IEEE 802.1X protocol?   A. EAPOL frames B. 802.3 frames C. UDP RADIUS datagrams D. PPPoE frames   Correct Answer: A     QUESTION Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 271-280

EnsurepassQUESTION 271 What is the advantage of using the ESP protocol over the AH?   A. data confidentiality B. data integrity verification C. nonrepudiation D. anti-replay protection   Correct Answer: A   QUESTION 272 What applications take advantage of a DTLS protocol?   A. delay-sensitive applications, such as voice or video B. applications that require double encryption C. point-to-multipoint topology applications D. applications that are unable Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 251-260

EnsurepassQUESTION 251 Which two OSPF network types support the concept of a designated router? (Choose two.)   A. broadcast B. NBMA C. point-to-multipoint D. point-to-multipoint nonbroadcast E. loopback   Correct Answer: AB     QUESTION 252 Which IPv6 routing protocol can use IPv6 ESP and AH to provide integrity, authentication, and confidentiality services to protect the routing information exchange between the adjacent routing neighbors?   A. RIPng Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 261-270

EnsurepassQUESTION 261 Which algorithm is used to generate the IKEv2 session key?   A. Diffie-Hellman B. Rivest, Shamir, and Adleman C. Secure Hash Algorithm D. Rivest Cipher 4   Correct Answer: A     QUESTION 262 Which statement is true about IKEv2 and IKEv1?   A. IKEv2 can be configured to use EAP, but IKEv1 cannot. B. IKEv2 can be configured to use AES encryption, but IKEv1 cannot. C. IKEv2 can be configured to interoperate with IKEv1 on the other Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 241-250

EnsurepassQUESTION 241 Which two current RFCs discuss special use IP addresses that may be used as a checklist of invalid routing prefixes for IPv4 and IPv6 addresses? (Choose two.)   A. RFC 5156 B. RFC 5735 C. RFC 3330 D. RFC 1918 E. RFC 2827   Correct Answer: AB QUESTION 242 Which four options could be flagged as potential issues by a network security risk assessment? (Choose four.)   A. router hostname and IP addressing scheme B. router filtering rules Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 231-240

EnsurepassQUESTION 231 When you are configuring the COOP feature for GETVPN redundancy, which two steps are required to ensure the proper COOP operations between the key servers? (Choose two.)   A. Generate an exportable RSA key pair on the primary key server and export it to the secondary key server. B. Enable dead peer detection between the primary and secondary key servers. C. Configure HSRP between the primary and secondary key servers. D. Enable IPC between the primary and Read more [...]

[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 221-230

EnsurepassQUESTION 221 Refer to the exhibit, which shows a partial configuration for the EzVPN server. Which three missing ISAKMP profile options are required to support EzVPN using DVTI? (Choose three.)     A. match identity group B. trustpoint C. virtual-interface D. keyring E. enable udp-encapsulation F. isakmp authorization list G. virtual-template   Correct Answer: AFG     QUESTION 222 Which two certificate enrollment methods can be completed Read more [...]