Download New Updated (Spring 2015) Cisco 350-001 Actual Tests 51-60

Ensurepass

 

QUESTION 51

Which three statements are true about TACACS+? (Choose three.)

 

A.       It is a Cisco proprietary protocol.

B.       It runs on TCP port 59. .

C.       Authentication and authorization are done at different stages.

D.      TACACS+ encrypts the entire body of the packet, but leaves a standard TACACS+ header.

E.       It is an industry standard protocol.

F.        TACACS+ encrypts both the entire body of the packet and the TACACS+ header.

 

Correct Answer: ACD

 

 

QUESTION 52

Refer to the exhibit. Which two statements are correct? (Choose two.)

 

clip_image002

 

A.       The hexadecimal value of the number of packets that hit the access list is 0x723E6E12.

B.       The access list has logging enabled.

C.       The packet was discarded.

D.      The command ip access-list logging hash-generation is enabled.

E.       The Telnet connection is successfully set up.

 

Correct Answer: BD

 

 

QUESTION 53

Refer to the exhibit. Which statement is correct?

 

clip_image004

 

A.       This configuration is not valid.

B.       Control Plane Policing is configured; however you cannot determine on which interface it is configured.

C.       NTP is not configured on the router.

D.      Telnet traffic will be dropped.

 

Correct Answer: C

 

 

QUESTION 54

What does Cisco recommend when you are enabling Cisco IOS IPS?

 

A.       Do not enable all the signatures at the same time.

B.       Do not enable the ICMP signature.

C.       Disable the Zone-Based Policy Firewall because it is not compatible with Cisco IOS IPS.

D.      Disable CEF because it is not compatible with Cisco IOS IPS.

 

Correct Answer: A

 

 

QUESTION 55

Refer to the exhibit. Which statement is correct?

 

clip_image006

 

A.  OSPF peers are using Type 1 authentication

B.  OSPF peers are using Type 2 authentication

C.  Authentication is used, but there is a password mismatch

D.  The OSPF peer IP address is 172.16.10.36

 

Correct Answer: B

 

 

QUESTION 56

Which two statements are true about Unicast Reverse Path Forwarding Loose Mode? (Choose two.)

 

A.  It is used in multihome network scenarios.

B.  It can be used with BGP to mitigate DoS and DDoS.

C.  It does not need to have CEF enabled.

D.  It is enabled via the interface level command ip verify unicast reverse-path.

E.  It cannot be used with “classification” access lists.

 

Correct Answer: AB

 

 

QUESTION 57

Refer to the exhibit. What would be the security risk when you are using the above configuration?

 

clip_image007

 

A.       The locally configured users would override the TACACS+ security policy.

B.       It would be impossible to log in to the router if the TACACS+ server is down.

C.       The default login policy would override the TACACS+ configuration.

D.      If the TACACS+ server failed, no authentication would be required.

 

Correct Answer: D

 

 

QUESTION 58

Which three protocols should be explicitly managed by using a CoPP policy on an Internet border router? (Choose three.)

 

A.       SMTP

B.       ICMP

C.       BGP

D.      SSH

E.       RTP

F.        BitTorrent

G.      VTP

 

Correct Answer: BCD

 

 

QUESTION 59

What is true about IP Source Guard with port security?

 

A.       Binding should be manually configured.

B.       It is not supported if IEEE 802.1x port-based authentication is enabled

C.       The DHCP server must support option 82, or the client is not assigned an IP address.

D.      It filters based on source IP address only.

 

Correct Answer: C

QUESTION 60

Refer to the exhibit. Which option best describes how the virtual MAC address is composed?

 

clip_image009

 

A.       based on a randomly generated number

B.       based on the burned-in MAC address of the router

C.       based on a number manually configured by the administrator

D.      based on the configured standby group number

 

Correct Answer: D

 

Free VCE & PDF File for Cisco 350-001 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …